A ransomware attack is the act of hackers encrypting your computer or mobile device and holding it hostage, demanding money in exchange for a key to unlock it. If you don’t pay up, all your files are lost forever.
This type of cyberattack has been on the rise over recent years with security experts estimating that more than 1 million people have had their data encrypted by ransomware in the last year alone.
With an increasing number of students using laptops and tablets at school there’s no doubt that this trend will continue which means schools need to be proactive about implementing best practices to ensure student safety against ransomware attacks.
Cybersecurity Incidents Spike During the Pandemic
Cyberattacks are a reality of the modern day. With schools moving to online learning environments during the COVID-19 Pandemic, it was only natural that this would amplify any cracks within these systems with little protection for either party involved—especially when you look at all those enticing free apps out there giving rise by phone or tablet users’ devices into classrooms without permission from educators themselves.
Best Practices for Stopping Ransomware Attacks
Here are some steps schools can take today to stop ransomware attacks:
Don’t open unsolicited links
Encourage staff members not to open any unsolicited emails or links, whether they are expecting them or not. These links or attachments can lead to ransomware being installed on your device without you knowing.
Secondly, if the email seems fake or is from an unknown source, do not open it. There are too many phishing scams out there for school districts to be falling victim to them. I’ve seen at least two of these happen within my own community in the past year alone.
If you receive something through email that seems suspicious, never click on the link itself. These links often contain malware which can encrypt files in your device.
Instead find what you’re looking for by searching online or go directly to the website of origin and type it into the address bar yourself. If you can’t seem to find it, do some more research on the topic. In 90% of ransomware cases, Google will help you uncover what you’re looking for as opposed to falling victim to a phishing scam unknowingly yourself.
Scan Your Devices Regularly
This one is obvious enough that its worth mentioning. Make sure your devices are regularly scanning automatically at certain intervals. If you need help with this, make sure to ask your IT personnel or check the help section on your preferred antivirus software’s website for more information.
You may rely on one single antivirus software program to stop you from getting into malware trouble, but that can be a risky method in the long-run.
Instead, its best to have more than one antivirus software on your device at all times. Why? Because you never know when a virus is going to get past your defenses so keep backups of another piece of protective software for security’s sake. If using an Apple computer, you’re probably familiar with this method already since you use more than one antivirus software program to keep your system protected.
Make regular back ups
Make regular back ups of all critical files so if your computer is infected you can recover any encrypted files without having to pay the ransom. Discourage students from paying ransoms by explaining that it’s very likely there won’t be a decryption key available and even if there is, it’s likely to cost more than you actually saved by paying and getting your files back.
Educate students on the dangers of ransomware and how they can protect themselves from becoming victims – for example, many ransomware attacks begin by clicking on a link or opening an email attachment that downloads the virus onto their devices.
Embrace two-factor authentication
Establish two-factor authentication as a requirement for any accounts with access to student records such as Gmail, Facebook, Twitter, etc. In some cases this may mean adding security questions or sending additional verification codes via text message if the user doesn’t have access to a smartphone number.
This will help prevent hackers logging into those accounts from another computer even if they already know the password. If a hacker does manage to obtain the login credentials from any of those accounts, two-factor authentication will stop them from being able to access files stored in a Google Drive or anything saved with Dropbox.
Implement a VPN (Virtual Private Network) so all devices are encrypted as they connect to the network – this will protect any device that is infected and stops hackers from gathering sensitive data or students having their identities stolen.
A VPN will create a secure encrypted connection between your school network and the internet when students are online. If they keep this setting enabled all of their data is private, including what websites they visit and who they connect with. It’s also much harder to intercept their data when it’s traveling through this security tunnel.
Set passwords on devices
Increase security settings on laptops, tablets and smartphones so they require passwords every time they’re turned on and encrypt all files stored on those devices – this could be a real inconvenience for some teachers and students but it’s important to think about the potential safety risks of compromised personal information before convenience.
Also consider setting up separate accounts for each student with limited administrative privileges so if one account gets hacked your other accounts remain safe.
Also consider investing in robust anti-malware software such as Bitdefender which can detect and stop ransomware attacks without requiring further input from staff members or IT departments.