The Education Sector has Major Target on Their Backs…
Ransomware has been targeting educational institutions over the last twelve months. In January of 2017, the Los Angeles Community College District was hit with ransomware, and paid the hackers $28,000 to decrypt their files. Months later, Dorchester School District Two was infected with ransomware, and paid $2,900 to get their files decrypted. In September, San Ysidro School District was infected with ransomware and chose not to pay the ransom. By November, J. Sterling Morton High School was infected as well, but did not pay the ransom. Last month, Dartmouth College was infected, and also did not pay the ransom.
Those are just five examples of ransomware that have specifically targeted educational institutions over the last year. PC Matic has also created a map, see below, of the ransomware attacks that have hit educational institutions in the U.S.
Cyber criminals are not just targeting U.S. educational institutions either. According to The Telegraph, private schools in the U.K. are also being targeted. Hackers are targeting these institutions because of the high term fees ranging from $5,000 to $13,000, coupled with poor cyber security. The hackers hopes are to intercept the term payments so they receive them, instead of the school.
Top 3 Reasons Hackers Target Schools
According to Dodi Glenn, Vice President of Cyber Security for PC Matic, there are three reasons hackers are targeting the education sector worldwide. Dodi states,
“First of all, it’s easy because students lack awareness of today’s cyber security threats. Students receive school emails and aren’t aware of the repercussions of opening an attachment. If the hacker can get them to infect a network, then they win.
Secondly, schools don’t secure their networks as well as they should. I’ve seen free anti-virus deployed at schools in the past. They don’t always have the budget for cyber security products.
Lastly, cyber criminals use threats of violence, shaming, and bullying children as an effective way of getting school officials to pay the ransom. Educational institutions know parents would be in an uproar if their child was impacted by a breach, so they would rather pay the ransom than put children at risk.”
8 Ways to Stay Protected
- Educate students and staff on current cyber security threats
- Keep all operating systems and programs, including security solutions, up to date
- Implement application whitelisting technology
- Disable macros
- Ensure only the appropriate staff have administrative rights
- Do not share credentials
- Backup data in real-time
- Utilize multi-layer authentication
Ransomware Prevention Success Story
Houston County Schools has been using PC Matic Pro, an application whitelist technology, that has effectively been blocking malicious software from executing on its endpoints. You may view their full product testimonial below, or read their case study here.