The recent WannaCry and NotPetya attacks have highlighted not only how quickly ransomware actors are growing in sophistication, but also how the interconnectedness of today’s world puts all organizations at risk. In the education sector, ransomware is becoming a major headache for IT managers, making the back-to-school season is a good time to revisit ransomware protection policies.
EDUCATION UNDER ATTACK
A week doesn’t go by without ransomware attacks making the headlines. It’s not surprising, since this year, there has been a 250 percent increasein ransomware incidents.
Ransomware is costing some schools tens of thousands of dollars, as many have no choice but pay the ransom to decrypt their files. Examples include a Montana public school district that paid a $10,000, a New Jersey school districtthat paid $8,500 and a Los Angeles college that paid $28,000.
A weak policy regarding personal devices is among the problems. While nearly 90 percent of K-12 students spend at least an hour a day at school using their own devices, many school districts don’t mitigate security risks from allowing personal devices to connect to their networks. The misconception about Macs is another problem. The popularity of Apple computers is growing both in K-12 schools and higher education. Macs are far from being immune to breaches, even though it’s true that there haven’t been many ransomware incidents targeting Macs.
Mac OS has some built-in authentication and other features to offer basic security protection but they aren’t entirely safe from ransomware risk. Macs are under the radar only because the market share for Windows OS is high, so targeting Macs has a lower return on investment.
This trend is changing, as the popularity of the Mac OS is growing. We’re seeing some ransomware variants targeting Macs as well as families of threats that can be easily tailored to Macs. With the rise of ransomware-as-a-service, it’s only a matter of time before Macs become a major problem.
5-STEP RANSOMWARE PROTECTION
Education IT managers need to go back to basics and evaluate their policies for mitigations against ransomware and other risks. These are some of the best practices:
1. Patches: Bad actors typically exploit vulnerabilities that are months and even years old. Make sure you’re applying all the updates and patches that Apple releases.
2. Backup: Many organizations have been able to avoid paying a ransom because they could complete a full system restore from backups. You need to not only make sure you have redundant backups but also to scan those backups for vulnerabilities.
3. Encryption: While encrypting sensitive data might not protect against ransomware, it’s a good practice for mitigating data breaches. And some ransomware variants have popped up that steal data instead of only encrypting it.
4. Endpoints: Not all ransomware tools are created equal. It’s important to look beyond vendors’ marketing claims to ensure that robust endpoint security is built into your solution.
5. Comprehensive security: A holistic security approach is the only way to ensure data is protected from ransomware and any other attacks. Since threats come from many directions, be sure to secure email, web and the cloud access in addition to the network and endpoints.
As a Fortinet partner with experience serving the education sector, VLCM can help you customize an approach to mitigating your ransomware risk. From IoT to the cloud, we can develop and iron-clad security protection—from deployment to monitoring. Contact us to learn more.