Ransomware attacks are becoming an increasingly widespread problem for educational institutions. Just in 2021 alone, ransomware cost schools and colleges upwards of $3.56 billion.
But what exactly is this ransomware, and why is it so dangerous?
Well, ransomware is a type of malware that encrypts data-containing files on PCs. Hackers can then charge schools huge sums of money for the key to decrypt said files and gain access. Incidents involving the use of ransomware are growing in number too- just this year, a school in South Carolina agreed to pay $8,500 to regain access to its servers.
How Ransomware Spreads
Okay, so we’ve established that ransomware is dangerous. But how does it spread?
Surprisingly, ransomware attacks rely a lot on human error. Ransomware usually spreads when users interact with sources like phishing emails that contain malicious links or file attachments.
An email containing ransomware may display intimidating messages like::
- “Your system has been infected with malware. Click to resolve the problem now.”
- “You used your PC to visit a site with illegal content. Pay $100 to unlock your computer.”
- “Your system data has been encrypted. Pay $… within 42 hours to regain access to your files.”
Of course, these are all bluffs. But when someone does interact with said emails, they invite malware onto their PC or server.
Tips to Avoid Ransomware
Once you’ve been attacked by ransomware, the recovery options are few and far in between, and schools are mostly advised to submit the ransom money to get their files back. This is why it’s essential to take preventive measures and avoid ransomware altogether. We’ve discussed some of these safety tips below.
1. Create Back Ups
Maintaining a backup of all your files is the best defense against ransomware. All your data should be divided into 4 copies- 2 copies stored on local drives or tape, 1 copy kept in cloud or secure storage, and 1 copy in an immutable format (immutable data is once-written and can only be read again- there’s no way to reverse it). This way, if you’re a victim of ransomware, you won’t have to pay as you will have recoverable copies of data.
2. Maintain Anti-Virus Software
Maintaining up-to-date anti-virus software on your PC can help stop attempted breaches. With the correct settings, anti-malware programs filter out most phishing emails and neutralize spam threats.
3. Update Software
Likewise, keep your hardware and software updated. Software developers release updates and patches regularly that fix bugs and other vulnerabilities, so updating apps is important.
4. Restrict PC Use
Additionally, make sure only authorized personnel can access your PCs and servers. Use encrypted software for remote communications. Purge all old files so you become a less attractive target for hackers.
5. Cybersecurity Training
Since human error is responsible for so many ransomware attacks becoming successful, training your staff about cybersecurity best practices is crucial. Make sure nobody opens suspicious emails, clicks on odd links, or visits unverified servers. Also, it’s important employees not enable macros in documents received via email.
6. Develop a Response Plan
Lastly, have a written response plan in place in case you face a cyberattack. Devise a plan with your legal and communications team, and keep your school board involved.
What to Do if You Fall Victim to Ransomware?
If you face a ransomware attack, immediately turn off the affected computer. Remember that ransomware spreads across PCs like an infection- disconnect the device from all networks and local servers, then call an IT professional immediately.