It reads like a roster of the education sector. What do 1,096 K12 schools in the US, University of California, San Francisco (UCSF), Michigan State University (MSU), University College London, the University of Calgary, Los Angeles Valley College, and the University of Utah have in common – apart from being great schools? They’ve all been victims of ransomware attacks. Ransomware attacks on educational institutions have been rising, or rather, tripling, from 2016 to 2019. The numbers in 2020 hit a massive high catalyzed by Covid-19 driven distance learning and the consequent shift to digital SaaS platforms. If you’re the IT Admin of a K12 school or the Director of Cyber Security at a university ransomware protection and recovery are undoubtedly a top priority. Here we list proven and practical pointers for ransomware recovery strategies for K12 schools, colleges, and universities.
Pointers for Ransomware Recovery
Backup to Recover Fast (And Avoid Paying Ransom)
The consensus across security experts is that Backup is the only foolproof way to minimize the impact of a ransomware attack. This is because comprehensive data backup assures quick data recovery and consequently quick disaster recovery. Back up regularly to guarantee quick and cost-effective ransomware recovery for K12 schools, colleges, and universities. However, ransomware recovery will only be successful if the backup is immutable and secure, with easy point-in-time recovery options. A recent example of how Backup reduced the damage of ransomware was with the Ponca City Public K12 Schools in Oklahoma. A ransomware attack hit the school district’s servers just a week before school opening. While this caused them to delay their opening by a week, they were able to recover data from their learning management system thanks to an offsite backup.
Create a Culture of Cybersecurity
The biggest cybersecurity threat to an institution is the insider – a careless click on a phishing link, infected torrents downloads, unapproved software installations. Social engineering scams, this year’s top cybersecurity threat were driven by vulnerable “insiders”. That one click compromised the entire network and data of universities, K12 schools, and colleges. With students, faculty, and staff outside the “cyber secure” campus boundaries, IT Admins have lesser control of the network traffic and devices.
- Create a culture of cybersecurity that imbibes continuous security awareness training and reiteration amongst teachers, students, and staff.
- Regularly send e-bulletins and video tutorials reinforcing email hygiene and updating about phishing red flags and malware strains.
- Send reminders about updating anti-virus patches, software updates, and creating strong passwords.
- Gamify and incentivize cybersecurity best practices and suspicious email reporting. Texas A&M took cybersecurity culture creation up several notches by employing students themselves as cybersecurity apprentices.
Bolster Your IT Security Team With Training and Tools
Every company is a technology company, and with remote learning being the new normal, that extends to educational institutions too. It is essential to have a dedicated IT security team and a CSO that is focused on protecting university data systems, ensuring regulatory compliance, and responding to cybersecurity incidents. This is particularly true for larger universities and colleges. Entire courses, semesters, and classes have moved to the digital space, and valuable personal information crisscrosses across unsecured home networks over unsecured devices. At the very minimum, make certain that your IT administrators undergo mandatory security training. There are conferences and events tailored towards ed-security that can equip your IT staff such as the Future of Education Technology Conference, Consortium of School Networking (CoSN), and the International Society for Technology in Education (ISTE). Invest in security tools for VPNs, multi-factor authentication, network monitoring, email encryption, and endpoint detection.
Outsource to Service Providers to Stay Secure
Local K12 schools and smaller colleges typically have lean IT Admin teams that are stretched thin with growing digital dependencies. Managed/Cloud Service Providers (MSP/CSP), particularly Managed Security Service Providers (MSSP) can do the heavy lifting of securing networks and data, thus enabling you to concentrate on your mission of education. As Chris Novak, Director of Verizon’s Threat Research Advisory Center puts it, “If you’re a school, your focus is on education. The school does not exist for the sole purpose of securing it, it exists to educate.” This is particularly true with the school gone remote. “As we move toward cloud or remote, we need to have a security apparatus that can meet those needs,” Novak says. “We’re seeing that many organizations are moving in favor toward managed security or professional services to help augment and be able to address those changing needs.”
But Remember That Your CSP’s Breach Is Your Breach Too
With complex software stacks, multiple vendors, and service providers, data protection is a shared responsibility. A breach of one of your service providers can cascade to your network and encompass your data. Blackbaud, a major cloud computing provider for educational and non-profit organizations, was the target of a ransomware attack in May. Both UCSF and MSU used Blackbaud as a vendor and had their data impacted as a result of the Blackbaud breach. Verify that your CSP/MSP is compliant and secure. Enforce multi-factor authentication, encryption at-rest, and in-transit, and network compartmentalization.
Harness Legislation That Simplifies Your Cybersecurity Plans
With cyberattacks on K12 schools becoming increasingly common, governments are formulating laws to protect student and teacher data. For example, the K12 Cybersecurity Act helps educational institutions to improve their cybersecurity defenses. They can reach out to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) to assess specific cybersecurity risks including those related to sensitive student and employee records. Following this, the CISA will develop cybersecurity recommendations and an online toolkit to help schools improve their cybersecurity systems. The “DHS Cyber Hunt and Incident Response Teams Act” authorizes the Department of Homeland Security (DHS) to maintain and strengthen cyber hunt and incident response teams that can advise educational institutions on ransomware mitigation and assist with incident response measures. Check with your local regulatory laws for cybersecurity laws and acts that can help protect your school.
Respond and Communicate Proactively
Timely, honest, and proactive response can mitigate the damage of a cyberattack, reduce regulatory fines, and restore student and staff trust in the institution. Formulate an incident response procedure that includes an impact analysis and Business Continuity and Disaster Recovery Plan that can contain the damage and help recover from it. Central to an effective ransomware response procedure is empathetic and forthright communication to students, faculty, staff, and authorities.
Ransomware Recovery for K12 Schools, Colleges, and Universities With CloudAlly Backup…At a Special Price Just for Edu
The students and faculty at your K12 school, university, or college depend on you to protect their valuable data on SaaS platforms such as Google Workspace (formerly G Suite), Salesforce, Microsoft 365 (formerly Office 365), Dropbox, and Box. With their wealth of personal data and intellectual property, educational institutions are lucrative and vulnerable targets for hackers. Eliminate the risk of data loss, ensure business continuity, and establish compliance with CloudAlly SaaS backup for education. Cloud-to-cloud, automated, fully encrypted backups on stringently secure AWS servers with unlimited storage and point-in-time recovery.
And because we hugely appreciate your transformational contribution to society. As you focus on your life-changing work, you certainly do not need the hassle and stress of SaaS data loss. Secure all your SaaS data at a special price with our top-rated, secure backup solutions. Just for Edu!