26 August 2016

What Would You Do?

Imagine you're a Principal at a large school. The ICT Manager rushes into your office in a panicked state... He tells you the school has just been subject to a cyberattack and now there is a growing list of confidential files you can't access unless you agree to pay the amount of $10,000... What would you do?

You're faced with 2 choices:

  1. Spend multiple days offline attempting to recover the files; Or
  2. Pay the ransom.

This type of attacked is called 'ransomware' and is a particular form of malware where access to data is blocked and held hostage by criminals until a sum of money is paid. Ransomware attacks are increasing in both regularity and cost of ransom. Furthermore, it's becoming more common in schools where educational organisations typically share same network infrastructures - schools placing public computers (like library computers, student BYO lap tops and classroom workstations) on the same networks as administrative computers.

Once infected, it’s easier for schools to experience the domino effect of ransomware, spreading from one computer to the next and ultimately locking down an entire network.

What makes Schools Unique?

Schools have various types of corporate, personal, health and financial data for students, parents and staff – all of which is highly sensitive and thus very lucrative for criminals.

While organisations such as hospitals are fairly limited by which devices are approved to enter the network, schools generally encourage their users to bring their own devices. These untold numbers of unmanaged machines connected to the school’s network bring about higher levels of challenge for effective security management, leaving the network vulnerable to various forms of malware.

What Can Schools Do?

The best line of defence against malware is being prepared. Here are a few ways to best avoid the damages possibly caused by cyber criminals:

  • Back up data: This may be obvious, but it is also crucial. Having regularly updated and (more importantly)secure backups of data can prepare schools in emergencies and against ransomware. Ensure this backup is on an external drive or backup service – one that is not assigned a drive letter and is disconnected from the systems and network when not in use.
  • Test the backup restoration process: This is less obvious, but even more crucial! Having regular backups of data is worse than worthless – because of the wasted time and effort, and the false sense of security – if that data cannot be restored should the need arise.
  • Keep software up to date: Having updated software can decrease the potential of malware infections. CyberHound offers advanced web filtering to protect schools from inappropriate content and provide malware detection in links.
  • Use a reputable security suite: Having both anti-malware software and a firewallcan provide layered protection, helping identify threats or suspicious behaviour. Choosing the right security suite can be a challenge in schools; however, some are designed specifically for tailored needs.
  • Use the principle of least privilege: Creating access barriers for users within the school’s network can slow or halt the spread of malware. Students, teachers and administrators should only have access to systems that are necessary and appropriate to their scope of work.
  • Educate users: It is essential to inform all users in the network about what constitutes an acceptable use of school resources.

If you'd like to find out more how schools can help protect their online environments,contact CyberHound.