Ransomware has been a growing threat since 2016 and cyber-criminals are today purposefully targeting schools, knowing the value and sensitivity of personal data they hold and the need to recover it quickly. Criminals typically demand that ransoms are paid in crypto-currency, whilst the amount demanded can range from thousands to millions of pounds.
A Ransomware attack is a malware-attack that infects a user’s device, encrypting data or the system itself and demanding a ransom is paid for access to be returned.
This informational webinar is brought to your school or MAT by Redstor and School Business Services (SBS)
Ransomware attacks often rely on fooling a user on the network into unwittingly executing the ransomware virus. The top causes of this are staff opening malicious email attachments or visiting malicious websites. In 2016, these accounted for 82% of all ransomware infections. While cyber-security solutions are evolving to deal with the threats of ransomware attacks, cyber-criminals are developing strains to actively beat anti-virus software and remain undetected in systems for longer before infecting data.
The return of WannaCry
One strain of ransomware that has caused major issues for organisations of all sizes over the years is WannaCry. Grabbing headlines in the process, the WannaCry strain of ransomware infected in the region of 300,000 organisations in May 2017, in just 3 days.
The speed of the attack and range of organisations hit meant that the effected were felt across the globe and first brought ransomware to the attention of many. The continued use of the strain could be down to its effectiveness and the ease at which it can be deployed, email being the easiest way.
In addition to monitoring machines and utilising antivirus protection, it is vital that organisations regularly update and patch machines. This ensures the latest vulnerabilities discovered by manufacturers and software vendors are made secure, ensuring cyber-criminals cannot exploit them.
A threat to all data
Ransomware strains typically encrypt data on a file server or network, rendering it inaccessible until a ransom has been paid.
This leaves users with two choices: pay the ransom, hoping that the perpetrators adhere to their word; or restore systems from a previous backup. However, with ransomware strains evolving to make them more effective the method of restoring data from a backup can be at risk too. Many variants of ransomware are designed to attack specific file types.
There are some strains that perform volume-level encryption or that attacks all files, regardless of type. Therefore, any backup that’s directly accessible through a computer’s file system is vulnerable to ransomware. Ideally, a backup application should be able to pull data from a protected host without that host requiring a direct mapping to the backup.
Securely backing data up off-site or at least off of a primary network adds a layer of resiliency that on-site backups don’t, ensuring backup sets are available on-demand.
Public cloud offerings can also be put at risk from ransomware and malware strains, with corrupted data or malicious files being accidentally stored or accessed in platforms.
Staying protected against the threats of Ransomware
Protecting against the threats of ransomware and other cyber-threats should be a priority for schools, colleges and trusts, the threats themselves can cause downtime and disruption but the truth is, if vital work, lesson planning and course work cannot be recovered then almost everyone within a school environment will feel the negative effects.
Once it has targeted your server, the ransomware will seek and infect all onsite data storage, as depicted above.
Ransomware strains have been developed to identify and encrypt on-site backups, making it even more vital to ensure that a secure off-site copy of data that cannot become infected exists.
Redstor and SBS are here to advise
If your systems were infected by a ransomware attack, would you be able to recover your data?
Redstor have helped hundreds of schools recover from ransomware without paying a ransom. By instantly streaming data on-demand, Redstor eliminates downtime and ensures that users can access data when they need it most.
The SBS Procurement team works in partnership with Redstor to deliver a complete solution for customers. If your school would like to discuss eSafety in detail, please call 0345 222 1551 • Option 7 or email firstname.lastname@example.org.
According to the police, “fraudsters are posing as government officials in order to trick people into installing ransomware which encrypts files on victims’ computers.” Further to our previous advice on ransomware, please be aware that schools are receiving phone calls from fraudsters posing as ‘Department of Education’ officials who do the following: Request an email […]
Ransomware is an aggressive form of computer virus that targets your server, encrypts files and then demands a ransom for their release. The technology driving ransomware – such as the CryptoLocker – is increasingly advanced and difficult to detect. It often targets the human element, relying on tricking a user into interacting with an innocuous […]
“Ransomware, it’s everywhere. We had hoped that the notorious file-encrypting ransomware called CryptoLocker was defeated after law enforcement knocked out its infrastructure last year, but CryptoLocker and its close cousin, CryptoWall, have come back stronger than ever.” We stumbled across a really useful post on the Sophos blog that we thought our schools should read. […]