ransomware attacks rattle schoolsAs the country grapples with how to ensure the safety of our students, teachers, and support staff amid the COVID-19 pandemic, many still have not gone back to full-time, in-person learning. The majority of the school districts across the country have adopted a hybrid model, while many schools are operating entirely online. Extensive use of online environments raises an interesting and slightly different safety question. 

Are school districts prepared to ward off ransomware attacks? Reported cyberattacks paralyzing operations from managing digital classrooms to configuring and monitoring school bus routes suggests many schools are not adequately protected. 

Recent data support the widespread struggle. According to a recent EdTech Magazine article, “Since 2019, more than 1,000 educational institutions have fallen victim to ransomware. With most schools implementing some form of online instruction this school year, these attacks have only increased in volume and speed, and their impact is much more significant.” 

Further complicating the issue is that a significant number of school districts are not well-funded and don’t have the resources to afford the robust, multi-disciplinary teams needed to fend off today’s sophisticated cyberattacks. 

Before the pandemic, many schools functioned in an analog world and were thrust – ready or not – into an entirely digital existence. Cybercriminals recognized the opportunity and have been acting accordingly. However, if a school district can’t afford the cybersecurity team needed to fend off attacks, are they ready to fork over $50,000 to the attackers the way Athens ISD, southeast of Dallas, TX, did? Considering cybercriminals’ skill and relentlessness, is $50,000 merely an opening wager? 

So what can school districts do to help prevent such a catastrophic occurrence? Here are some helpful tips compiled primarily from EdTech Magazine but corroborated from across the web:

  • Cybersecurity fundamentals. To help prevent ransomware attacks, have devices configured correctly, make all needed software and hardware updates, and install needed patches. Also, educate students and staff on proper use and best practices, such as protocols for recognizing suspicious or malicious emails. Also, it’s vital to encrypt sensitive data so that if attackers to secure sensitive data, it is useless to them.
  • Effective data backup protocols. It’s a solution as old as computers themselves. Strategically configure backups of key data, applications, and application platforms. Additionally, configure backups in a manner that, if attacked, the backups are not also corrupted.
  • Automate where possible. Considering the number of parents, students, and teachers with varying levels of tech savvy now relying on strained technology resources, maximizing the value of your IT team’s time is key. Automate defenses where possible, and ensure a base level of protection. 
  • Properly manage and erase data. Consider software that can scan for personally identifiable information to ensure the location of this data is known, and it is being handled properly. And since many districts are distributing devices, have the ability to remotely wipe devices if they’re lost or stolen. 
  • VPNs and firewalls are not enough. Remote learning means teachers and staff are accessing the network from outside of the school’s traditional perimeter. VPN utilization a big help; however, strongly consider multifactor authentication and more secure password constructs.

 

Cybercriminals have gotten more sophisticated, attacks have become more relentless, and the technical knowledge required to keep your organization safe has grown exponentially. But don’t get overwhelmed. At SilverSky, we spend all day, every day providing solutions to defend our clients’ organizations. We employ the diverse technologies and technical expertise required to stand up to today’s cybercriminals—we’re here to help. Contact us.

Managed Security Services

Your around the clock SOC.

Managed Endpoint Detection and Response

Some attacks will succeed. Don’t worry—we have you.

Managed Detection and Response

Augment your IT team using our expertise and the latest technologies.

Email Protection Suite

Defending against the leading attack vector.

Cloud Email and Collaboration

More than ever, the cloud is essential.

Incident Response Readiness

When a breach occurs, you’ll be ready.

Compliance & Risk Services

Take the next steps on your cybersecurity maturity journey.

Trusted Cybersecurity for an Uncertain World

Understand, detect, and effectively respond to threats, reduce business risk and improve the return on your security investment.

Financial Services

We comply with the same regulations you do.

Healthcare

Affordable defenses for a sector under attack.

Retail

SilverSky stands between cybercriminals and your customers’ data.

Benefits of a Single Vendor Relationship

The Cooperative Bank of Cape Cod found itself especially appreciative of SilverSky’s comprehensive solution set—particularly as they rapidly, but securely, enabled employees to work remotely.

ACET

Automated Cybersecurity Examination Tool

HIPAA

Health Insurance Portability and Accountability Act

PCI DSS

Payment Card Industry Data Security Standard

FFIEC

Federal Financial Institutions Examination Council

GLBA

Gramm-Leach-Bliley Act

ACET Helps Credit Unions Further Their Missions

Learn how going all in for ACET protects customers and the health of community-based financial services.

Resources

Articles, guides, ebooks, tools, on-demand webinars, case studies, and more. Explore a range of topics.

Press & Events

Press releases, upcoming conferences and trade shows, and future and on-demand webinars

Revisiting Cybersecurity’s Delicate Balance

Learn how CISOs are rebalancing prevention, detection, and response for stronger cyber defenses.

About Us

Trusted cybersecurity for an uncertain world.

Careers

Looking to join the fight against cybercriminals?

Security Management Console

Comprehensive customer portal for state of devices, reports for compliance, support tickets, and more.

Transforming Cybersecurity Culture from Corner Offices to Cubicles

Executives are increasingly thinking about cybersecurity management in a similar manner as they would any other risk assessment. This guide is here to help.