Ransomware is on the Rise in Education: Is Your Organisation Prepared?

 
 

The UK education sector needs a stronger approach to cybersecurity. Last year, the NCSC re-issued an alert about the rise in ransomware attacks on the sector, and we continue to hear of devastating attacks ever since. Education facilities of all types are heavily reliant on information technology and online services to properly function and serve their students and pupils.  Education facilities also hold large amounts of sensitive personal data on pupils, parents, and staff—all of which must be kept safe and secure. 

There are several reasons for the rise of ransomware attacks on the UK education sector. Attackers are leveraging the increased digital communications between providers, pupils, and third-party suppliers. Many facilities are top research institutions with highly valuable data. Attackers also target this sector simply because they can. Nefarious actors know that many educational facilities lack needed cybersecurity measures; they take advantage of known technology weaknesses and prey upon busy providers who find it difficult to spot spoofing and social engineering attempts. In this post, we highlight some of the risks you face in the education sector and the measures you can take to protect your facility and your people.

Ransomware Threats for the Education Sector

Ransomware is a type of malware that can prevent education providers, employees, and pupils from accessing your systems and the important data held on them. Typically, the data is encrypted by the attacker, but it may also be deleted or stolen. In some attacks, the computer itself may be made inaccessible. Following the initial attack, those responsible will usually send a ransom note demanding payment to recover the data. Attackers are notoriously slippery; they typically use an anonymous email address (such as ProtonMail) to initiate contact. They often request payment in the form of cryptocurrency.

Ransomware attacks can have devastating impacts on the education sector, not least because it often requires a significant amount of recovery time to reinstate critical services. There’s also reputational damage for the education provider or facility. Often, these attacks are high profile in nature, with wide public exposure and media interest. 

Examples are unfortunately easy to come by. Last March, the Harris Foundation (which runs 50 education facilities around London) was hit with a “highly sophisticated” ransomware attack. The foundation had to disable its email system as well as any devices it had provided to pupils. That same month, the Castle School Education Trust experienced a ransomware attack that left nearly two dozen education facilities without access to any IT system. And, in August, six facilities under the Isle of Wight Education Federation were hit by a ransomware attack that encrypted its data

Protect your Education Facility with Offence and Defence

Let’s use sports as an analogy. To succeed in most sports requires both a strong defence and a strong offence. You have to stop a competitor’s attack, but you also have to fight back to stay in it. Ransomware plays the same game. Protecting against an attack is two-fold: You need to take steps to disrupt attack vectors, but you also need to enable effective recovery from an attack.

We start with offence. Many education providers entrust their cybersecurity to a disparate network of isolated applications and solutions. To truly thwart ransomware, your security solution must plug every hole in security coverage and protect against every point of entry, be it email, your network, the cloud, or your growing inventory of endpoint devices. In other words, if you don’t recruit a strong offence, nefarious actors can identify and exploit these security gaps. 

On to defence. What happens if a ransomware attack does indeed make it past the perimeter at your education facility? Just as athletes aim to stop scores, you need to stop the intrusion before it spreads. One of the most effective ways to thwart attacks and prevent future damage is with Threat Detection as a Service. Threat Detection as a Service lives in your data centre, collecting in real-time all security events on everything: your endpoints, your network, your copious email. 

At Optec, we offer a best-in-class Threat Detection solution in partnership with Assured Data Protection, to detect and remediate threats to the data that fuels the education sector. You’ll protect your data from the most advanced threats with rapid detection and response to ransomware. 

Stay in the Game: Mitigate and Remediate 

To continue the sports analogy, data backup truly is the best defence against ransomware. For education providers, by backing up all of your data, you’re essentially creating a “safe point” (before the damage happened) that you can revert to. Meaning that you and your team can likely avoid paying a costly ransom to recover this critical data. 

Immutable backups are key here, which means that once your backup data is written, it can never be changed or deleted. Having an immutable backup solution thwarts sophisticated ransomware attacks that target data backups and enables education providers to more quickly restore their operations to a recent and clean state. For the education sector, immutable data backups remain the only way to ensure recovery when your systems are compromised. 

We also know how busy you are. Protecting your providers and pupils from the risk of ransomware can also be complicated and time-consuming. At Optec, we’re pleased to offer a full range of backup and recovery options as a service, to make it easy and affordable to protect your critical data. These solutions are all based on Rubrik technology, a leading cloud data management technology that’s simple to use, cost-effective and scalable. 

Ready to educate yourself on how to prevent the next devastating ransomware attack? Smart choice. Please get in touch with our expert team today to learn more.


Want the latest news from Optec? Be sure to be sure to follow us on LinkedIn and Twitter.


Related posts

Previous
Previous

Optec Expands with New Office in London

Next
Next

SD-WAN: The Future of Secure Home Working?