Written by Bill Bennett, tech journalist
Ransomware is a kind of malware that locks up computer data, then demands a payment to unlock it. While attacks are disruptive and can be expensive to deal with, Network for Learning can help schools reduce the risks.
Often, the first you know that you are dealing with ransomware is when you can’t get hold of a data file. Before long, the attacker will get in touch with a ransom note. Most of the time they want money, but attackers have been known to make other demands.
The advice from security experts is clear: don’t pay the ransom. Many people do pay up and it rarely ends well. There is no guarantee the attacker will return your systems or data to normal, and it may not be the last you hear of them. Once attackers identify targets willing to pay up, they return again and again. If they see you are unwilling to pay, they’ll look elsewhere for their next victim.
Malware and phishing can be the starting point
There are a few ways ransomware can find a route into a system. It could be through viruses and other malicious software, or it could be through phishing. This is where an email arrives that looks like it comes from a trustworthy source and tricks the recipient into handing over a password.
Once criminals find their way into a system, they take control of the data. They might encrypt the data or download a copy and delete the original files. While they are inside the system, they may cause other problems such as taking key services like email offline.
Many ransomware criminals are professionals working for organised crime gangs. In the past, they would look for profitable companies with the means to pay a ransom. More recently they have turned their attention to government organisations.
Last year a ransomware attack affected Waikato DHB for days. It meant postponed hospital surgeries and some patients transferred for treatment elsewhere.
The Waikato attackers caused widespread havoc. Computer systems and phone lines were out of action for days. They deleted important data, including patient notes, staff records and financial information.
How ransomware might affect a school
An attack on a school might not be the same scale, but the effect would be similar. You can expect to have trouble accessing data, essential services may not work as expected, for example, it may not be possible to send or receive email, and you may find sensitive information is made public.
You can minimise the risk of ransomware by keeping operating system software and applications up to date. The latest versions are the best protection against security risks. Always treat emails and especially attachments with caution. Make sure you were expecting the email and if in doubt speak to your IT team before opening attachments or clicking on links that don’t seem quite right.
Keeping regular back-ups and storing them offline where attackers can’t reach them will help you get everything back to normal after an attack. You may already have the necessary software and hardware in place, if not, your support provider can help with the set-up.
How N4L supports your school
Schools connected to N4L’s managed network have extra protection as part of N4L’s Safe & Secure Internet. This uses DNS Threat Protection; it acts as a filter to block access to malware and known dangerous sites. It includes tools to guard against phishing and other forms of attack.
DNS Threat Protection also stops school staff or students from using virtual private networks to bypass the safeguards and open backdoors into the school system. We also use the technology to block inappropriate content and keep online searches safe. Our recently launched Email Protection offers schools a greater level of protection blocking the more sophisticated threats including ransomware and is fully funded by the MOE read more here.
Combine this with our other security tools, including the firewall and you’ll have made a good start on your ransomware protection. These tools are good, but they won’t eliminate the risk; you’ll need to remain vigilant and make sure everyone on your team is up to date with basic security practices such as using strong passwords and multifactor authentication. Fighting ransomware and other online threats requires a team effort with everyone playing a role.
To check if your school uses N4L’s DNS Threat Protection, contact their Customer Support team at [email protected] or contact your N4L Relationship Manager.
Bill Bennett is an experienced editor and journalist specialising in technology and business. He has worked for New Zealand and international newspapers including the NZ Herald and The Australian Financial Review. He is also a regular technology commentator on RNZ Nine-to-Noon.