How education IT teams can prepare school districts for ransomware

Ransomware has evolved into one of the biggest cyber threats facing organizations in every sector, and education is no exception. According to Armor, more than 1,000 schools were impacted by ransomware attacks in 2019, which doesn’t just put student data at risk – it also has the potential to impact learning.

What’s more, schools have had to abruptly transition to remote learning because of the COVID-19 pandemic, and it’s been no small task to get the necessary technology for successful remote learning up and running. School districts’ IT teams are stretched thin, so they have limited resources to dedicate to network defense, increasing the risk of a cyberattack. Add that to the creation of many new attack vectors as students and teachers log on to their school-issued devices at home, and you’ve got a recipe for a cyber-disaster on your hands.

Even the FBI has started warning schools about the increased risk for cyberattacks due to remote learning; school districts are now more likely to pay up to minimize disruption of learning for their students, making them prime targets for ransomware.

Despite the challenges of keeping cybersecurity a priority while also trying to adjust to remote learning, there are still steps that IT professionals in the education sector can take now to ensure they’re keeping sensitive student data safe from cyberattacks, and minimizing the potential for downtime that could impact learning if an attack is able to slip through the cracks.

Building a ransomware response plan

Just like in any industry, education IT teams should have a plan to follow when a ransomware attack inevitably strikes. Establishing a crisis team with district leadership, IT leaders, and department heads is a good first step – this group can help map out the district’s IT infrastructure and identify the critical systems and data that most need protection. Compliance considerations will also need to be part of this discussion, as some types of student data have strict rules under regulations like FERPA. The last thing a school district needs when dealing with the fallout from a ransomware attack is to be slapped with fines for exposing sensitive student data.

To successfully mitigate ransomware during an attack, education IT teams must also test their ransomware response plan ahead of time. Recovering quickly to reduce downtime is important to restoring learning. Regular testing eliminates confusion about what steps need to be taken and speeds up the process; the faster-infected systems can be isolated, the less widespread the damage will be.

Integrating cybersecurity with data protection is also something to consider when developing a plan for ransomware, especially as many IT managers have tighter budgets due to COVID-19. All-in-one solutions meet various IT needs in one centrally managed console, which lowers costs and offers a level of simplicity that may be especially helpful for smaller education IT teams. By taking a two-pronged approach and integrating security with backup and disaster recovery protocols, education IT teams can more easily neutralize the ransomware threat – removing the segmentation between the two makes the process of detecting and preventing attacks, as well as recovering potentially impacted systems and data, smoother.

Making students and teachers cyber-ready

Educating students and teachers about best practices for cyber hygiene can also help stop cybercrime before it starts. As part of training to prepare for virtual teaching and learning, education IT teams should also offer a cyber awareness training – with education being moved online, students must learn the warning signs of a phishing attack like suspicious attachments or unknown links. Particularly for students who are communicating with their teachers online for the first time, it’s essential to outline the potential risks and things to look out for.

They should also have access to a remote backup system that automatically backs up data, without requiring manual intervention by the IT team. This will help to free up IT resources to focus on security, while also ensuring that student data isn’t lost due to confusion around what to back up, how often, and where to store it. Further, many people assume that SaaS-based systems like Microsoft Office 365 automatically back up their data, but this, unfortunately, isn’t the case, meaning a third-party data backup system is required to keep this data safe. All school-issued devices should be connected to this remote backup system, which will ensure emails, schoolwork, and other student data are backed up and instantly accessible in case of an attack that encrypts files.

While the decision has yet to be made about whether remote learning will continue full-time through the fall, the COVID-19 pandemic has demonstrated a clear need for the education sector to make technology a more integral part of the learning process. With this comes an increased risk of cyberattacks in an already-hard-hit sector, but having a ransomware response plan in place and taking proactive steps to develop security and disaster recovery best practices are key to keeping student data safe and school systems up and running.