Sunday, March 26, 2023
AI Home Security
No Result
View All Result
  • Home
  • Home Security
  • Cyber Security
  • Biometric Technology
  • Home
  • Home Security
  • Cyber Security
  • Biometric Technology
No Result
View All Result
Morning News
No Result
View All Result
Home Cyber Security

5 Ways to Fight School Ransomware Attacks

justmattg by justmattg
March 16, 2023
in Cyber Security
0
5 Ways to Fight School Ransomware Attacks
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter



Nantucket is a small island of windswept dunes and postcard perfect lighthouses 30 miles off the coast of Massachusetts. It’s a place so isolated that Herman Melville described it in Moby Dick as “a mere hillock, and elbow of sand; all beach, without a background.”

But even this remote enclave couldn’t escape the ransomware scourge that has been plaguing K-12 school districts around the United States.

Attacks on Schools

In late January, a ransomware attack caused the closure of Nantucket’s four public schools. The island’s 1,700 students were sent home at noon Jan. 31 and told not to use school-issued electronic devices. Schools reopened Feb. 2.

Nantucket wasn’t alone. The same week, a ransomware attack affected computer systems at the Tucson Unified School District, though schools were able to remain open.

Ransomware assaults targeting the education sector have jumped dramatically around the world. Globally, a whopping 56% of K-12 schools were hit last year (PDF), according to a survey of 5,600 IT professionals in 31 countries by cybersecurity company Sophos.

The loss of learning after a cyberattack typically ranges from three days to three weeks, and recovery time lasts from two to nine months, the US Government Accountability Office reported in October.

These incidents and others — like the one in September that forced the Los Angeles Unified School District, the nation’s second largest, to take its computer systems offline — not only show the lengths cybercriminals will go to if they’re willing to attack one of the country’s most precious institutions but the special struggles that school districts face in fighting the threat.

Public school districts tend to fall below what is commonly called the “cybersecurity poverty line,” a haves-and-have-nots division between organizations equipped with the resources to implement strong security measures and those challenged by insufficient IT budget, expertise, and other factors.

A large company can afford the most stringent cybersecurity protection, but limited budgets and talent make it difficult for other organizations, from schools to small businesses, to defend themselves and recover quickly from attacks.

School districts usually confront these three distinct hurdles.

First, districts lacking the budget for all the security tools and people needed for the most fortified defenses are forced to make tough choices about what security aspects to prioritize. Second, it’s a tall order for school districts to compete for cybersecurity professionals amid a worldwide talent shortage (PDF) that keeps driving salaries higher. Third, school districts are still relying on legacy IT infrastructure that is more vulnerable to cyber incidents.

And all of this comes at a time when cybercriminals keep getting more sophisticated in their attack techniques and their ambitions, the latter exemplified by a ransomware-as-a-service industry in which malware developers make their software available to third-party attackers who execute the ransomware attacks.

Recommended Security Steps

Despite these challenges, school districts can still pass the cybersecurity test with planning, attention, and action. Here are five recommended steps.

1. Determine cybersecurity maturity.

School districts must self-examine where they are on the cybersecurity maturity spectrum. Are they at the first stage, prepared for data breaches at a basic level with safe and secure backups?

Are they at the second stage, having started taking measures such as conducting tests and simulations to prevent data breaches as well as monitoring signals from their data that help identify data risks and investigate threats faster?

Are they at the third and final stage, having embraced a proactive stance toward data breaches, regularly conducting tests of both vulnerabilities as well as of recoverability?

Many large companies have found this maturity model effective in helping better understand and measure cyber-risk management. Schools should do the same.

2. Have a recovery plan ready and act quickly.

Schools must stand prepared to spring into action after a cyber incident is discovered. That means maintaining  a turnkey system for activating a clean backup of data and applications if primary systems are compromised.

3. Emphasize employee training.

Attackers use techniques like phishing to compromise user identities and get to critical data. An attack can spread through a system quickly by someone clicking on an untrustworthy link.

Therefore, school districts should train, train, and train some more to help their people recognize and report phishing attacks.

4. Focus on data.

In a world awash in data, organizations must protect their large volumes of data from various forms of unauthorized access. That has two ramifications for school districts.

One, school system IT teams should focus not only on securing devices and the network perimeter but also on ensuring data always remains safe and available. Data, after all, is what ransomware attackers go after.

Two, school officials should look closely at what data they have. Many have collected data for the sake of collecting data because they might need it at some point. It’s time to ask what really is essential, and focus on protecting the most critical and sensitive data.

5. Push for federal help.

The GAO in its October report recommended actions the federal government should take to help school districts. Those included establishment by the secretary of education of a cross-agency mechanism to coordinate cybersecurity efforts between agencies and with the K-12 community; an effort by the Education Department, in coordination with federal and local stakeholders, to determine how best to help school districts overcome challenges in addressing cyber threats; and development of metrics for measuring the effectiveness of its cybersecurity-related products and services available to school districts.

School officials should welcome these recommendations and lobby to make sure they’re enacted.

While it’s sad that cybercriminals have made K-12 schools a top target, these steps show that districts have the power to fight back. What could be more important? Our children’s learning is at stake.



Source link

READ ALSO

OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident

‘Dark Power’ Ransomware Extorts 10 Targets in Less Than a Month

Related Posts

OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident
Cyber Security

OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident

March 26, 2023
Everything You Need to Know
Cyber Security

‘Dark Power’ Ransomware Extorts 10 Targets in Less Than a Month

March 26, 2023
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Cyber Security

Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers

March 26, 2023
U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
Cyber Security

U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals

March 25, 2023
Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
Cyber Security

Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data

March 25, 2023
Red Teaming at Scale to Uncover Your Big Unknowns
Cyber Security

Red Teaming at Scale to Uncover Your Big Unknowns

March 24, 2023
Next Post
Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

POPULAR NEWS

Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players’ Systems

Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players’ Systems

February 13, 2023
Trickbot Members Sanctioned for Pandemic-Era Ransomware Hits

Trickbot Members Sanctioned for Pandemic-Era Ransomware Hits

February 11, 2023
The New Threats to Cryptocurrency Users

The New Threats to Cryptocurrency Users

February 12, 2023
Do you know who is watching you?

Do you know who is watching you?

January 2, 2023
PopID announces big customer deployment for face biometric payments in UAE

PopID announces big customer deployment for face biometric payments in UAE

February 14, 2023

EDITOR'S PICK

Application of biometric face identification technologies in financial institutions

Application of biometric face identification technologies in financial institutions

February 5, 2023
Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

January 14, 2023
Self-Defense for Runners, Walkers, and Cyclists

Self-Defense for Runners, Walkers, and Cyclists

January 9, 2023
Biden’s WSJ op-ed targets Big Tech, and Apple should be both nervous and pleased

Biden’s WSJ op-ed targets Big Tech, and Apple should be both nervous and pleased

January 12, 2023

About

We bring you the best news & updates related to Home security, Cyber security and Biometric technology. Keep visiting our website for latest updates.

Follow us

Categories

  • Biometric Technology
  • Cyber Security
  • Home Security

Recent Posts

  • OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident
  • ‘Dark Power’ Ransomware Extorts 10 Targets in Less Than a Month
  • Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
  • U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
  • Privacy Policy
  • Contact Us

© 2023 AI Home Security - All rights reserved.

No Result
View All Result
  • Home
  • Home Security
  • Cyber Security
  • Biometric Technology

© 2023 AI Home Security - All rights reserved.