Loss Control Insights for Schools

Five Ransomware Prevention Tips for Schools

laptop

Ransomware, a type of malware that encrypts files and requires payment to remove the encryption, has become increasingly widespread in the past couple years. The recent rise in ransomware is something schools should not ignore. Just this year, a school in South Carolina agreed to pay $8,500 to regain access to its servers.

Ransomware is often spread through phishing emails that contain malicious attachments. They may display intimidating messages such as:

  • “Your computer has been infected with a virus. Click here to resolve the issue.”
  • “Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.”
  • “All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data.”

Often schools are left with few options to recover their data and are advised to submit the ransom even though doing so doesn’t guarantee the files will be released. This is why it’s important for schools to take preventive measures to avoid ransomware in the first place. Schools should follow these tips to increase their level of defense against ransomware

Back Up Files
Backing up your files is the best defense against a ransomware attack. It’s important to make sure files exist somewhere else that cybercriminals cannot easily access such as an external hard drive or in the cloud. This way, if you are a victim of ransomware you will not need to pay the ransom because you will be able to recover the encrypted data. Be sure to test your backups regularly. The backup files are only good if you are able to restore your data from it.

Maintain Up-To-Date Anti-Virus and Anti-Malware Software
The right anti-virus software can stop attempted breaches. Regularly updating your software can ensure you are protected from recently identified threats. It’s also a good idea to filter out emails with .exe attachments and set your computer to show hidden file extensions. Ransomware is often delivered as a file with more than one file extension such as example.pdf.exe.

Keep Your Operating Systems and Software Up-To-Date
Ransomware takes advantage of vulnerabilities in outdated operating and software systems. If you aren’t updating your software when updates are available, you are putting yourself at risk for an attack.

Restrict PC Use
Make sure only authorized people use each of your PCs. Keep them locked down so those without access cannot use them.

Train Employees
Many ransomware attacks begin with a phishing email, so it’s important for your staff to be aware of what these may look like. Make sure your employees know not to open suspicious emails from unverified senders or click on unsolicited web links. Also, it’s important employees not enable macros in documents received via email. A lot of ransomware infections rely on users turning macros back on.

What to Do If you Fall Victim to Ransomware
If you experience a ransomware attack you should turn off the infected computer and disconnect it from the network. An infected computer can take down all other PCs sharing the network. Then call an IT professional immediately.

More Information