Latest Ransomware Attacks Target the Education Sector

December 15, 2016 - by Synoptek

Share Button

All of your data is gone.

You go to open a document and it simply isn’t there. Looking deeper you realize that nothing’s there. Or maybe it’s there but it’s all encrypted – by someone other than you. You have no idea how to decrypt it.

Then you receive a message telling you how much you’ll need to pay, preferably in bitcoin, to get all your data back. You still have no idea who you’re dealing with, and therefore no way to know whether or not they’ll return your data even if you do pay the ransom. You suddenly remember all the times you’ve heard that the United States “never negotiates with terrorists” and you know very well why; because it will embolden them to do it again and again.

But your data is gone.

The Number of Attacks Against Educational Organizations Now Dwarfs Attacks in All Other Sectors 

The news media would have you believe that healthcare organizations are the ones most often hit with these kinds of “ransomware” attacks. Common sense tells you it must be financial services companies because they have the deepest pockets. But it’s not. It’s schools.

In fact, it’s not even close. In a recent study by research firm BitSight, 279 educational organizations, 13% of those surveyed, had been struck by ransomware. This was more than double the number of government agencies at 5.9%, and more than three times the number of healthcare institutions at only 3.5%. Financial services were the least impacted at only 1.5% of a much larger sampling than any of the rest.

Source: BitSight

Personally Identifiable Information (PII) and Vulnerability May be the Key

The tremendous amount of PII available on university networks regarding students, professional staff and others is certainly an attractive lure for attackers. Another high-value body of data is created by all the Research & Development work conducted at universities. This intellectual property can be leveraged to bring products to market in advance of their actual creators.

It is also likely that most universities lack the depth of robust security measures put in place by healthcare organizations, financial institutions, and government agencies. Easier to penetrate means more attractive to attackers. Also, because their user communities are so enormous, attackers have far more targets to attack to gain entry through.

How to Protect Yourself Against Ransomware

Remember that people are part of the ransomware attacker’s strategy. Users receive seemingly innocent emails, but when they click on links contained within they open the door for the ransomware to be downloaded. Since email is the usual vehicle, it makes tremendous sense to make sure that all possible safeguards are in place, including; Disaster Recovery, anti-virus, anti-malware, anti-spam and so forth, and that signatures on all user devices are always kept updated.

Another key to fighting ransomware is constant training and awareness-raising. Keep users conscious of the threat and aware of how to spot suspicious messages.
Especially in large educational organizations, it’s especially important to keep a careful eye on transient users, visitors, and other third-parties who use the network from time to time. It’s all too easy for an occasional user of a system to be lax or complacent about practicing safe computing.

This is getting worse

According to the BitSight report, “The overall rate of ransomware has more than tripled, and in some cases increased tenfold, for many industries over the last 12 months.”
Many agencies, including the FBI, have issued advisories warning against paying ransom, citing the likelihood of encouraging bad actors to increase their activity, and inviting others to share in the opportunity. Their common recommendation is to report ransomware incidents immediately.

If an ounce of prevention is worth a pound of cure, pounds or tons of prevention will be even better. To learn more about how to effectively protect your organization against ransomware contact the experts at Synoptek.

Related Content:

Synoptek is an award-winning veteran Managed IT services provider with more than two decades of experience in managing and protecting critical information technology systems for clients in Healthcare, Financial Services, Education, and the Public Sector. Learn More about Synoptek’s IT Security Programs.