Ransomware: A Growing Threat in K-12

Education is currently the biggest target for ransomware attacks, preceding the government, healthcare, energy/utilities, retail, and finance industries, according to Dark Reading in number of ransomware attacks.

And in the “2017 Cost of Data Breach Study” by Ponemon, the average cost to recover each record from a ransomware attack on education in the U.S. is $245 – $45 more than the global education industry average to recover a student or an educator record reports THE Journal.

We break down the reasons behind this threatening trend, and provide tips for securing your school or district from future attacks.

Growth of Ransomware Attacks in Education

In recent years, the number of large-scale ransomware attacks has grown. For example, most people have heard of a few such as WannaCry and NotPetya.

And the education industry is no safer than anything else. In fact, it falls behind other industries particularly in regards to the time it takes to respond to attacks. And when it comes to these attacks, time is critical. THE Journal reports, “On average, worldwide, education takes 221 days for the first part of the work [identifying breaches] and 83 days for the second part [containing them]. As a comparison, financial takes only 155 days to identify a potential breach and 34 days to respond and contain it.” The longer it takes to contain, the more expensive it will become.

With slow response times, education is a main target.

The BitSight ransomware survey attributes this to, “smaller IT teams, budgetary constraints, and a high rate of file sharing activity on their networks.” A large percentage of breaches occur in higher education institutions. But the smaller IT teams and budgetary constraints are definitely present in the K-12 space.

There is an interactive K-12 Cyber Incident Map that shows all reported cyber security incidents in education across the U.S. from 2016 to the present day. “For the period January 1, 2016 to August 17, 2017, U.S. K-12 public schools and districts were reported to have experienced at least 199 separate cyber security-related incidents resulting in the disclosure of personal information, the loss of taxpayer dollars, and the loss of instructional time.”

By the time this blog post is published, that number of 199 incidents will have grown. Clicking around on the map, various incidents include phishing, data breaches, hackers, and more.

How many cyber incidents have been reported in your state?

Educators’ Security Awareness 

Employee awareness is critical in preventing many security incidents. The “2016 State of Privacy and Security Awareness” report reveals, “88 percent of employees in all industries lack the awareness to stop preventable privacy and security incidents.”

The survey also breaks down the state of awareness per industry. Here is what they found out about education:

• Over two-thirds of respondents could potentially put the personally identifiable information (PII) of students, faculty, and employees in danger with risky behaviors.
• 68 percent of education employees are labeled as the “risk” or “novice” profiles. The risk category is labeled as putting their organization at serious risk for a privacy or security incident. Novices understand the basics of security, but could still learn more.
• 45 percent say lack of personnel and lack of budget are the biggest barriers to defending against threats.

The top four highest risk areas for educators are:

1. Identifying phishing attempts (93 percent)
2. Malware warning signs (86 percent)
3. Social media (86 percent)
4. Cloud computing (85 percent)

The full infographic is available here.

Protect Your School from Cyber Attacks

The education industry can take steps now to help prevent a breach in the future. eSchool News suggests taking the following proactive measures:

• Training and Awareness. As mentioned above, a lack of awareness is a major cause for data breaches or phishing attacks. And providing training for educators once is not enough. Routine training ensures everyone is constantly aware of new threats and how to recognize them.
• Secure Your Network. The IT team needs to secure networks to block threats. eSchool News suggests a next-generation firewall or email gateway solution. Segment the network as well so if one computer gets infected, it won’t spread through the entire domain. (This is especially important to segment student devices as students may not be fully aware of cyber threats, but more on student safety later.)
• Backup Files. Ransomware holds its victim’s data for a fee, but if you have routinely backed up files there is a chance you can avoid paying the ransomware and restore your backed-up files directly. Cloud-based systems provide more security than legacy, on-premise locations that some educators use to store data.

Constant vigilance is necessary to protect any industry from an attack. Add extra layers of security through cyber solutions and ensure educators in your school or district remain aware of how to recognize and avoid threats.

Keeping Students Safe Online

Unfortunately, students are also included as targets for cyber attacks and ransomware threats. Students may unwittingly click on a phishing email or web link from a school-issued device and it could take down an entire school network. Or students may share USBs or bring them back and forth from home and end up with an infected computer.

Educators can keep students safe with any (or all) of these helpful tips.

• Improve information fluency and help students better evaluate the content they find online. With the proliferation of fake news and advertising posing as real content, students can easily click on an unsafe link.
• Teach students good digital citizenship so they know how to protect themselves online and avoid potential dangers. Check out our earlier blog post and learn four strategies for teaching digital citizenship.
• Use an interactive game, like the Google Be Internet Awesome platform, to help teach students Internet safety and how to keep personal information secure online.
• Add an extra layer of protection. Student devices go through the school’s filtering when on campus, but educators need to safely extend the classroom for those devices that go home. The Kajeet Sentinel® cloud portal provides an additional security layer with safe, CIPA-compliant filters.

If you’d like to safely connect your students outside the classroom, let us know about your program and we can help protect your students.

However you decide to protect your network from ransomware and cyber attacks, remember awareness is crucial, for both educators and students.