With school back in session, many institutions are implementing a hybrid learning environment where students can learn in-person in the classroom as well as from a computer remotely. Unfortunately, this new method of education puts schools at higher risk for ransomware attacks according to cybersecurity experts. A multitude of factors put schools at an increased risk including a lack of security within a school’s IT infrastructure and the risks of home device use. Schools and universities must take safety precautions not only to protect their health amid a pandemic, but to protect their networks from cyberthreats.
Why Ransomware Attacks are Rising
The biggest vulnerability for schools and universities is the re-entry of computers and devices that were used at home to complete assignments coming back into the school’s network. Malware and other viruses may have infected unpatched equipment while the computer was used at home. This leads to the possibility of the entire school network being infected when the device connects to the wi-fi and a hacker now has access to confidential schooling data.
According to educationdive.com, a school record is sold for anywhere from $250 to $300 on the dark web, and malware is only one way to obtain the personally identifiable information (PII) in a school record. Teachers and administrators may have a backlog of emails and other correspondence, and in some cases they may be receiving vital health information that affects how the school operates. It is in these cases that a teacher or administrator may click on a phishing link, which may steal or encrypt their files.
Overall, the school systems may have weak network security and patching as tactics to stay safe during a public health crisis took priority. IT funds may have been allocated to improving hot spots for students who have no internet access or providing computers to those without. That leaves little money left for the updates and security needed to protect the school.
Recent Breaches and Ransomware Attacks
Many cyberattacks have occurred in 2020 alone with a recent attack against the University of California in June. Cybercriminals encrypted COVID-19 research front he school during their attack and the university paid over $1 million to have it recovered. Columbia COllege alos experienced an attack in June that cost them highly-sensitive data that the criminals claimed they had successfully extracted from the systems.
The University of Utah also experienced ransomware and paid $75,000 to prevent the attackers from exposing their information. Though these attacks are hitting vulnerable institutions at a crucial time, it is best not to pay the ransom as it does not guarantee your files will be returned. It also makes you vulnerable to future attacks as you will be pegged as a victim who gave into the cybercriminal demands.
Prevention to Allow for Education
Obviously the ideal course of action would be to improve the cybersecurity defenses in a school system. This may not be financially feasible for schools at this time, which is why training is more important than ever. A briefing for both remote learners and teachers on how to spot phishing emails and other cyberattacks can keep devices from becoming vulnerable or allowing for any more attacks than have already taken place.
Another way for schools to protect their data is through encrypted backup devices. SecureDrives are hardware encrypted and come with preloaded antivirus to prevent malware from being transferred to the device from an infected host computer. If you have been hit by ransomware, our digital forensics team can end the attack, find what information was compromised, and who was responsible. Learn more about how we can improve data security at your school by calling us at 1-800-388-1266.