- Secure Schools US Blog
- What is ransomware and how to protect against it
What is ransomware and how to protect against it
Ransomware is a combination of the words ransom and malware, and malware is a combination of malicious and software. Clear so far? Basically, malware is software containing a virus designed to cause problems to computers, networks and devices such as printers or interactive whiteboards.
Ransomware is a real and growing threat to American schools and districts, with some reports stating that the number hit by an attack doubled between 2021 and 2022.
The type of malware used in a ransomware attack usually encrypts (locks up) the data held on a network. In a school district, this could be within any software that sits on the district's servers and not in the cloud (online). If an attacker accesses a district-wide network or piece of software, they can cause havoc to all of the schools within it. Cloud software is also vulnerable to attack but usually via an attack on the supplier and not the school.
Once cybercriminals lock the software and the data it holds, the school or district cannot access it, and they demand a ransom for it to be released. This ransom can run into thousands or millions of dollars or bitcoin.
How does ransomware enter the network?
Like burglars, cybercriminals find ways to enter the network through weaknesses and holes. Understanding where these weaknesses are and patching them up protects the school from attacks.
Five things staff can do to keep the network protected
- Keep software and apps up to date.
- Remove old and unused software and apps from your devices, including your mobile phone.
- Avoid logging into public wifi as this is often insecure.
- Unless permitted to do so, do not access school software, including emails, on personal devices, even if you think you are doing this securely.
- Be careful responding to emails that make you feel pressured into doing something, as this may be a phishing email.
Five ways schools can protect themselves from ransomware
- Train staff in the basics of cybersecurity, including phishing emails.
- Install firewalls, configure these appropriately and keep them up to date.
- Change default passwords on all routers, devices and software.
- Apply the latest software updates to all software and devices. If any devices can’t be kept up to date and are still in use, remove them from the network.
- Commission an independent review of your systems, audit your cybersecurity culture and recommend improvements.