Is Your Child’s School at Risk for Ransomware?  

Cybercriminals have finally discovered—and exploited—an unfortunate truth: Schools are not making cybersecurity a high enough priority.

While schools focus on education (as they should, of course), hackers are waiting quietly, knowing that cybersecurity is being overlooked. That oversight is understandable, as schools want to focus on their core functions, but it could end horribly.

The Syracuse City School District learned this lesson the hard way. Administrators’ summer came to a screeching halt as an attacker was able to infect the schools’ computer system with ransomware. The attack caused a week-long computer outage until school officials could remedy the issue. The district is expected to pay $50,000 to restore the system.

Here’s a look at what ransomware is and what schools should be doing to protect their information.

What Is Ransomware Exactly?

Ransomware is a type of malware that allows a hacker to lock information, threatening to destroy it or make it public if the victim doesn’t pay a ransom. Once the perpetrator infects a device with ransomware, the malware spreads to other devices connected to the network, locking down information along the way. This particular type of attack is increasingly popular with schools. Cybercriminals know that while they can’t do much with student information, schools can’t do much without it. Attacks like these put administrators in a tough spot. Imagine deciding whether or not to pay the ransom. If the school pays, there is no guarantee that the hacker will unlock the data.

We are dealing with criminals here, after all. If the school doesn’t pay, it goes without data that is crucial to operations, or it risks the hacker publishing potentially sensitive information.

We don’t want anyone to be in this situation, especially our educators. Here are a few ways your school can protect against a ransomware attack.

What Can Schools Do to Prevent a Ransomware Attack?

  • Frequent backups. Hackers have the high ground in these attacks because they have information schools need to function. Without computer systems, schools are rendered helpless until they find a solution, which could take days or weeks. Frequent backups have the potential to keep the ball in the school’s court. If the school can restore the information from a backup, the main issue is resolved.
  • Monitor patches and updates. Hackers are waiting for a vulnerability to exploit. Don’t give them one. Your school’s IT staff should be monitoring all patches and updates to ensure that the network remains as secure as possible.
  • Cybersecurity training. A computer can be infected by ransomware in a variety of ways—most commonly phishing emails and drive-by downloads. Your school’s chance of any type of cyber attack, not just ransomware, significantly decreases with cybersecurity training. Your administrators, faculty, and students should all be aware of how to identify a potentially malicious link and how to create a strong password.
  • Use [and update] a robust antivirus. An antivirus is your first defense against hackers. Your school should always ensure their antivirus is updated and does not lapse.
  • Consult an expert. In the past, school IT professionals have been hired to take care of immediate needs like installations and repairs. They have a lot on their plate just making sure the entire school has the equipment it needs, and that it’s all working correctly. An outside perspective on your school’s security needs is a significant step toward keeping the school safe and running smoothly.

How Can Managed Services Help?

A school’s internal IT staff is overwhelmed with the day-to-day. Outsourcing to managed IT services takes daily operations and cybersecurity off the to-do list. Instead, IT can focus on higher-level tasks that facilitate education-based initiatives.

Technology Lab provides managed IT services that keep your network safe from hackers. We build a long-term technology strategy that helps your school reach its goals, in and out of IT. Contact us today to schedule a consultation.