2017 will go down as the year ransomware hit the mainstream, thanks largely to malware known variously as WannaCry, WannaCrypt or WannaCryptor 2.0.
The malicious software compromised systems across Asia, Europe and beyond, affecting high-profile victims such as Britain’s National Health Service (NHS). Outdated operating systems and computers that had not installed a Windows security update were identified as the weak link.
For IT security professionals in the education sector, who also suffer from a general lack of IT resources and security expertise, the rise of ransomware is a worrying development that will put more pressure on already stretched resources.
What is WannaCry?
WannaCry, and its variants, is a form of ransomware, a type of malicious software that blocks access to your files and data until a financial ransom is paid. It typically locks your system, prevents you from using Windows and encrypts your files so you can’t use them. It is spread via spam or targeted campaigns, often arriving in an unsolicited email or attachment.
WannaCry exploits the Server Message Block connection in Windows systems that enables the transfer of data between computers. WannaCry is especially dangerous as it can infect connected systems without any user interaction. And it only needs to reside on a single connected computer to infect an entire network.
Why is the education sector a target?
Like healthcare, educational institutions offer cybercriminals rich pickings in the form of sensitive personal and financial data, as well as valuable academic research and other potentially compromising information unique to the sector.
Security firm BitSight reports that education is the most targeted sector in the US, with 13 per cent of educational organisations having been compromised by ransomware in 2016. This is three times the rate of healthcare and more than 10 times the rate recorded in the financial sector.
Ransomware and the education sector
It’s difficult for K–12 schools to fight ransomware, primarily due to tight budgets and under-resourced IT teams. And universities are environments where file sharing is commonplace, making ransomware a huge security challenge for IT departments.
Protecting your organisation against ransomware
Even if your IT budget is tight, there are some simple steps you can take to prevent the spread of ransomware and other malware, without incurring significant costs:
- If a computer is infected, isolate it from the network as soon as possible and alert all users of the infection.
- Keep all your software up to date, especially security patches and system-critical updates.
- Implement an awareness program for staff and educate them on how ransomware is delivered.
- Back up data regularly using physical and cloud sources.
- Establish an email security protocol to prevent prospective attacks; discourage users from clicking on links, attachments or emails from companies they don’t know.
- Advise your users to avoid file sharing, which can be a source for ransomware to infiltrate your network.
- Segment your Wi-Fi to keep staff, students and guests on different networks.
If you have the budget, upgrade ageing infrastructure and software to reduce your vulnerabilities. It could be critical, especially if you are running systems that no longer receive mainstream support.