Ransomware on the Rise – How backing up your Data can give you a life raft!
Type “ransomware” into Google and the number of recent articles on the topic is staggering. From Forbes to tech magazines and even The Japan Times – it’s clear that ransomware is on the rise worldwide. Like all things technological – ransomware viruses constantly evolve, becoming more aggressive. So should our approach to protecting ourselves from cyber-attacks. According to CyberEdge Group's newly released 2017 Cyberthreat Defence Report 61% of companies surveyed worldwide fell victim to a ransomware attack during 2016
One reason for concern is the growth of school hacking services found on the Darknet. Vendors will offer attacks for hire. This makes it increasingly easy for non-hackers to carry out an attack or cause damage to a school’s resources. Student records, lesson plans, coursework and other confidential data regarding both staff and students are at risk of corruption and loss from a ransomware attack.
With so many sources of information on the topic it can be a little overwhelming to sift through all the noise and find the essential facts you need to help better protect you and your school from a ransomware attack. One thing that everyone seems to agree about is that prevention is better than a cure. Most malware come from phishing via email. A common example is an email sent by a legitimate sounding organisation like the “Department of Education”. The sender will claim to have sensitive information or guidance documents for a senior leadership team member at the school like the Head Teacher. The email will have an attachment in the form of a zip file marked as a Word or Excel document to appear harmless, however once opened infects your PC.
This is where vigilance is key. By spotting certain tell-tale signs you can neutralise a ransomware threat in its tracks. First be 100% sure the source of the email is legitimate. As mentioned in our Ransomware and Your School article:
- Do not open any attachments or click any links, and do not forward or reply to the message
- Check with a colleague or any other member of staff included in the email to see if they received it and were expecting it
- If applicable, speak to your usual contact at the sender’s organisation using a known or trusted email address or phone number – not the one in the email.
- If you are one of Joskos’ supported schools, ask a member of our Service Desk to review the email for you – again do not forward or reply to the message. You can send a screenshot of the email to email@example.com or simply call us and ask a member of our service team to access your PC remotely so we can assess it.
3 Steps is better than 1:
The 3-2-1 Backup rule is by no means new or ground-breaking, it simply requires a bit of admin time, which we often don’t feel we have or don’t make time for. The rule boils down to 3 simple points:
Our Solution Architects recommends this structure for schools:
- 3 Copies: Have a ‘Shadow Copy’ (local to the server), NAS drive (off server, but still on site), Cloud (off site).
- 2 forms of Media: Snapshots and Flat Files or “text only” files are recommended.
- 1 Offsite storage: Use of the Cloud provides this, but if the school has multiple buildings/sites they can also move the NAS drive away from the server to enhance or replace this.
Why should you backup your data?
While antivirus software and vigilance are good preventative measures, they are not fool proof. Backing up your data provides you with a safety net – your information is still accessible and therefore lowers the chances of it being an effective leverage used by your attackers.
Keep in mind that the point of prevention measures and backups are to give you options. If you have original copies of your data saved elsewhere, all you may need to do is re-image your PC, reinstall your apps, and restore your data from the backup. Backing up your data is a useful last line of defence against ransomware attacks and could prevent you from ending up in a compromising position.
If you would like to arrange a consultation to discuss your school’s back-up policy please fill out the form below.