6 tips to avoid school district ransomware attacks

"Considering that schools today are busier than ever... they are now prime targets for bad actors and more vulnerable than ever before"
By: | October 6, 2020
Photo by Michael Geiger via Unsplash.

Larry Roshfeld is the CEO of AffirmLogic and is an innovative entrepreneur with a passion for improving cybersecurity.

COVID-19 has prompted schools around the country to completely overhaul how they teach and operate, and because of all of these logistical considerations, proper IT security practices may have become a lower priority. This is of particular concern given several school districts have already been targeted by ransomware this year including Fairfax, VA; Newhall, Santa Clarita, CA; Hartford, CT; and Clark County, Nevada.

According to Verizon’s 2019 Threat Report, education continues to be plagued by incidents, reporting 382, 99 with confirmed data disclosure. The report also notes that 80 percent of education breaches are financially motivated.

Today, school administrations around the world are struggling mightily, and there is little time to consider that security threats have evolved, exposing critical gaps in current protection methods. In the midst of a global pandemic, schools today are busier than ever, focusing heavily on scenario planning and the switch to remote delivery, leaving them prime targets for bad actors.

To effectively assess, understand and mitigate cybersecurity risk, school administrations around the country need to act quickly. With the proper approach, systems can prevent breaches that hold critical information for ransom and wreak havoc during an already atypical school year. Here are six tips for school systems looking to mitigate risk:

1. Segment networks and tightly restrict access to the “classified network” with confidential data.

It’s important to review the types of data stored on your systems. Wherever possible, put highly sensitive data (e.g. teacher and student personal identifying information) on a separate network that is only accessible by users specifically authorized for that information. This reduces the chances of it being exposed to attack by a user downloading malware.

Related: Five questions district leaders should be asking about cybersecurity

2. Put in multi-factor authentication on the “classified network.”

For those users with legitimate access to that data, multi-factor authentication reduces the chance of a bad actor stealing a password and accessing the system.

3. Enlist proactive penetration testing.

Just because you believe a system is secure from attack doesn’t mean it is. Hire a “pen tester” to see if they can readily access your systems using default passwords, social engineering, or other common means of attack.

4. Conduct regular backups with offsite storage.

If the data is worth saving, it is worth backing up. Backup all saved data, and always store one set of backups offsite – also make sure to test your backups to see if they can be used to restore data. You’d be amazed at how common it is for an organization to try to restore data from a backup only to find out the backup was blank or defective!

5. Ensure cyber-security is constantly up to date on the servers and endpoints.

Software vendors are constantly releasing updates and patches to address newly discovered security issues. While keeping up to date on them can be a nuisance, getting hacked is far worse.

6. Conduct daily scans on all systems.

The sooner you can identify an attack, the sooner you can eliminate it and improve your defenses. Attackers will often probe a system with a minor attack. If it isn’t detected and repulsed, the next attack can be crippling.

When it comes to ransomware, preparation is the key. Trying to recover from an attack is like trying to put the toothpaste back in the tube. If school systems plan for the worst, even in the midst of a year of unprecedented challenges, they can proactively improve their defenses, ensuring that the school year will not be interrupted by a cyber attack and that student, teacher, and staff data will remain protected.

Larry Roshfeld is the CEO of AffirmLogic and is an innovative entrepreneur with a passion for improving cybersecurity.

Interested in edtech? Keep up with DA's Future of Education Technology Conference®.