6 Steps to Protect Your School District from Ransomware - NIC Partners

Cybersecurity in Education

Cybersecurity should be a priority for school districts. Ransomware attacks are actually increasing in prevalence in K-12 and higher education institutions. In 2019, the worst cyber-attacks affected more than three-quarters of a billion people and saw a wide range of personal data compromised. The breaches exposed bank account numbers, dates of birth, PINs, driver’s license images, driving records, and passwords.

Schools, colleges, and other educational institutions are particularly vulnerable to ransomware attacks because they store sensitive data like student records, personally identifiable information, and protected health information. Opportunistic hackers know that if they can access this data and threaten to expose it, organizations will often do anything to secure it once again. In July 2019, Louisiana’s governor declared a state of emergency after a spate of ransomware attacks infected school districts in four different cities.

 Webinar: Cybersecurity for Changing Times in Education

Widely considered to be the fastest-growing malware hazard of the 21st century, ransomware poses a significant threat to the education sector. This, coupled with the limited budget allocations that many K-12 districts and colleges encounter, presents a considerable problem.

Six Steps to Keep Your School Safer Online

The US Senate passed the “DHS Cyber Hunt and Incident Response Teams Act” last year to authorize the DHS to maintain teams to help private and public entities defend against cyber-attacks. The FBI issued a Public Service Announcement providing information on best practices to prevent an attack and how to respond in the case of an attack.

Even though you’re dealing with budget constraints, there are steps you can take to minimize your risk of a ransomware attack.

1. It’s essential to change the mindset within your organization. Security awareness training for your students and staff doesn’t have to cost a lot – but can help keep your data safe. Regular training is important – make cybersecurity a part of your school culture. The most common way that ransomware takes hold is staff or students innocently opening malicious email attachments.
2. Adjust your email and web filters to prevent phishing emails and executable files from reaching your students and faculty in the first place. Be sure to configure your firewalls to block access to IP addresses that are known to be harmful. Be sure to implement application whitelisting as well.
3. Ensure your anti-virus and anti-malware software is up-to-date. You should also scan incoming and outgoing emails for threats. Advanced solutions, known as “endpoint protection,” will help you block attacks and respond to threats quickly through a combination of machine learning, advanced search capabilities, and endpoint isolation.
4. Eliminate the need to pay a ransom to access your data by ensuring appropriate backup procedures. Make sure you’ve got backup redundancies like backing up offsite or to an offline external drive.
5. Utilize a cloud-based cybersecurity solution to make sure you achieve CIPA compliance without the high cost of on-premises solutions. Such solutions can be fast to deploy, offer simplified management through web-based dashboards, and reduce the demands on your IT staff. They also enable you to enforce your school’s acceptable use policy.
6. Employ a network traffic analysis solution to provide visibility into your entire network – both private and on the cloud. This visibility can help you detect advanced threats early by highlighting suspicious behavior. The best solutions use behavioral modeling, machine learning, and global threat intelligence to analyze your network activities pinpointing threats with high-fidelity alerts continually.

If despite your best efforts, you still experience a ransomware attack, the FBI urges you to reach out to their local field office and report the incident as soon as possible. Additionally, they recommend you do not pay the ransom.

Cisco 2019 Threats of the Year Report

As with everything, knowledge is power – but we don’t have to tell you that you work in education. To know what you should be on the lookout for, download Cisco’s end-of-year report which looks at the most significant cyber threats of 2019, including DNS hijacking and targeted ransomware.

It’s important to stay on top of what’s happening in the cybersecurity space. At NIC Partners, we make it our business to keep abreast of industry developments so we can recommend the best possible solutions at the most cost-effective price for your school or district. Contact us today to start a conversation about the most appropriate cybersecurity plan to properly protect your systems, students, staff, and data.

A version of this article originally appeared on LinkedIn on February 18, 2020.