News

Ransomware Sends Us Back to School

Thu, 01/19/2017 - 04:46
Redstor_Ransomware_Schools
Disaster Recovery

The Education Industry Showed the Highest Ransomware Infection Rates In 2016

In a previous article, we mentioned that ransomware seems to be targeting the education industries quite aggressively. Everyone is picking up on this trend, but no-one can really expand on why that is. One can only speculate, but here are some thoughts as to why.

In 2016, Education was the industry that showed the highest ransomware infection rate. Schools are particularly easy to target currently because students and staff all have mobile phones that they bring to school, leaving the network vulnerable. Mobile ransomware has spiked drastically in the last 6 months.

Mobile Phone Ransomware

Ransomware like Fusob and Small are locker-ransomware types that lock access to your device and apps. Crypto-ransomware types are not as successful on phones because Android systems back up into the cloud and users therefore are less likely to pay the ransom because they can restore their data from their backups.

Locker-ransomware wasn’t as successful on PC’s because one could simply remove the main storage from the PC, access it via another machine and delete the locker-ransomware files. An android phone’s main storage is (in most cases) soldered onto the motherboard, so there isn’t an effective workaround – hence the increase in attacks

Is Ransomware a Data Security Breach?

It has recently been debated whether ransomware should be seen as a data breach or not. It should most definitely be treated as a breach in data security. To date, no major data leaks and ransomware attacks could be connected, but if cyber criminals have access to be able to encrypt your data, they have access to read it, and copy it, use it and sell it. One of the major concerns when data has been breached and stolen is that it would be sold on the black market. Why would it be sold on the black market one may ask? Various reasons, in order to facilitate identity theft (if you have a school record, you have a type of persona), online presence (if you have a persona, you can track that person’s online presence and possibly aim to extort more). It becomes clear that a spider web of possibilities opens up from here.

But why schools?

There are two sides to the modus operandi of a ransomware attack on a school:

  1. To maliciously deny access to machines, encrypt data and disrupt day to day operations.
  2. To gain access to student information. With academic records and personal information about students, that’s quite a lot of data that can be sold on the black market.

The majority of schools in the UK have centralized databases, or School Information Management Systems that store student, teacher and school information. Financial information about the school, medical records about pupils, personal information and addresses of both pupils and staff; all very sensitive information and very frightening when this ends up in the wrong hands. What’s worse is that when academic institutions like schools are targeted, you are dealing with minors. If this data ends up on the black market, these children become very vulnerable and exposed.

Read here how to avoid a ransomware infection.

Backup is a must!

The number one piece of advice that anti-ransomware specialists offer is to back up all data, outside of your own Local Area Network (LAN). Be sure to use a reputable cloud backup software provider. It is important that you have the ability to recover an entire system and that your backup is isolated from your network to keep it safe from the infection.

When a machine has been infected, the first thing to do is to take that device off the network and offline. This ensures that the infection can’t spread further than this device and doesn’t risk compromising other users’ data. Once the infection has been contained and removed from your environment, it’s time to retrieve your data from the secure backups.

Recent Articles

Redstor_Alternative_accountancy_strategic_blog Redstor

Redstor Accounting For Financial Data Backups at The Alternative Accountancy Strategic IT Conference 2018

Continuing from a series of events in the first two months of the year, Redstor will be in attendance of this years, Alternative Accountancy... read more

February 20, 2018
Redstor_CryptoJacking_blog Data Protection

Crypto-jacker Leaves ICO In Its Wake

Cyber-attacks and ‘hacks’ made regular headlines throughout 2017, and in the UK the Information Commissioner’s Office (ICO), was there to oversee all... read more

February 15, 2018
Redstor_100Days_to_GDPR Data Protection

100 Days To Go…

Wednesday 14th February 2018, valentine’s day, but more significantly it’s 100 days until G-day. May 25th, 2018, the day on which The General Data... read more

February 14, 2018