Securing Your School Against Ransomware and Hacking

Cybersecurity researchers say threats are on the rise against all organizations, with more increasing threats in K‑12.

Security against ransomware, hacking, viruses

It’s unfortunate but in today’s world it’s not a matter of if but when your school system is targeted in a hack or ransomware attack. Cybersecurity researchers say these are only on the rise against all organizations, with a seven-fold increase in the last year, and schools are not at all immune to this phenomena. In fact, the FBI began warning schools of increased attacks in June as Covid has driven more dependency on computer and network systems leaving K‑12 schools as “opportunistic” targets to would be cyber criminals. A quick google search confirms this, sadly, with remote learning disrupted by a teen attacker for several days in one of the nation’s largest school systems. Even lower profile school systems a fraction of that size find themselves targeted, and in this case, at least temporarily shut down. September already represented a jump up from August in attacks against schools nationwide, according to researchers. These are likely to keep rising, as schools are considered “soft but lucrative targets.” It’s low risk high reward for hackers but always a high risk for schools, with learning time and finances on the line.

What is Hacking?

Hacking is an attempt to compromise computers and computer systems, even whole networks. You might be reading this on your smartphone or tablet. Don’t forget that both are essentially computers too, and can be just as vulnerable to hacking, as is any “smart” device for that matter — from smart cameras to climate control systems. Hackers, those who do the hacking, might do it deliberately for personal gain or maybe to make some sort of statement, or simply just because they happen to identify some sort of weakness and can. They are experimenters by nature and eager to prove themselves against challenges that intend to keep out unauthorised users. When they do gain access to a computer, system, or network, they might be able to cause damage, steal information, or prevent use by authorized users.

What is Ransomware?

Ransomware is malware — malicious software —  that hackers use to encrypt a victim’s files. This denies the victim access to their own files. Usually the attacker demands a ransom to restore regular access with payment. Victims are given instructions for paying the ransom to obtain the decryption key. These ransoms can range wildly depending on the hacker and individual or organization targeted. Small scale attacks may involve a ransom of a few hundred dollars but large scale ones can easily be thousands of dollars, often payable to criminals in the form of cryptocurrency. This allows the hacker to move and hide the money quickly.

How can you protect your school?

Protection is difficult and ongoing as threats constantly evolve. It’s not something that’s ever just solved and done with. Luckily though, there are several affordable and simple steps that the FBI recommends for schools and districts to mitigate cybersecurity threats.

  • Frequently backup data. The more important the date the more frequent. This is also something easily automated.
  • Keep backups secure. If backups are separate from the computers and networks they serve then they are insulated from the ransomware attacks that would target those systems. Having these secure copies can make a ransomware attack useless if necessary data is still available.
  • Keep operating systems and software up to date. Developers are constantly updating their products to address known vulnerabilities. If IT staff as well as users — be they administrators, teachers, students, or parents — stay on top of updates it will at least shut out known threats.
  • Monitor software and remote connections. Keep watch over activity that does not follow typical patterns and behaviors, especially failed login attempts from accounts that have wide privileges.
  • Take advantage of two-factor authorization for login. This creates an extra verification step in addition to passwords for accessing accounts, especially useful in those accounts with the ability to make modifications to important systems and files.

It is more important than ever to educate staff and students about cybersecurity as more and more takes place outside of schools and the school network, even with school-issued devices. Many ransomware attacks can begin simply with disguised email and any personnel that could potentially port that into the wider network need to be taught how to recognize phishing.

In addition to IT habits and solutions to hacking and ransomware there are also insurance options for schools and school systems. Cybersecurity insurance is a product that organizations can purchase to help them deal with the consequences and effects of any online attacks. The providers recognize that there is always some danger to the complex computers systems that organizations use. This type of insurance can cover investigating the scope of an attack, public relations to manage response, credit monitoring for any individuals whose records are exposed, legal costs, and lost revenue if applicable. Insurance may even pay ransoms, in some circumstances, although the long term effectiveness of the practice is not without critics.

Bottom Line

Schools and districts, no matter how small, need to recognize that they may be targeted by hackers and evaluate their vulnerabilities and options. We here at LINQ Forms & Workflows hope that stakeholders take the threat seriously and that lost learning time and other cybersecurity damages can be minimized, if not prevented outright.