Ransomware is now a huge threat for education businesses both big and small. In 2021 ransomware gangs such as REvil and DarkSide have taken down the likes of the Colonial Pipeline, AXA and Redcar Council. In the UK the threat level to the Education sector is so high that the National Cyber Security Centre has issued a specific warning*
To make things even worse, ransomware gangs are now threatening double extortion: even if you pay the ransom they will go on to disclose personal data unless a second ransom is paid. Frightening indeed for anyone looking after children’s data!
There is good news, however. Ransomware gangs are very time conscious and tend to go after the very softest of targets. So with a bit of effort and some simple defences you can make your business too difficult for them to target.
In this Insight I outline three such defences which you can deploy in your business to do exactly that. Follow these simple steps to significantly reduce the risk of your business becoming the next ransomware headline.
Secure your remote access - RDP
RDP (Remote Desktop Protocol) is used by lots of businesses for remote access to the network. It’s used by so many businesses because it’s a nice simple solution. So simple, in fact, that it’s also how a lot of ransomware gangs get their first foothold on your network before encrypting and stealing your data! They often do this by finding your staff’s login details in the darkest corners of the dark web.
So please never place RDP unprotected on the Internet. Always, always put it behind a VPN! And while you’re at it, and I cannot stress this enough, always use Two-Factor Authentication on both your VPN and your RDP. This will mean that even if they do find out that Sarah in HR’s password is ‘passw0rd’, they still won’t be able to break into your network.
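To show what "RDP only behind the VPN" looks like on an individual Windows server, here is an added example (not code from the original Insight or from the NCSC). It uses the built-in Windows Defender Firewall and registry cmdlets to report whether the default Remote Desktop rules accept connections from any address, then replaces them with a rule that allows port 3389 only from the VPN client range and turns on Network Level Authentication. The subnet 10.8.0.0/24 and the rule name "RDP from VPN only" are assumptions; substitute your own. Two-factor authentication is configured in your VPN or Remote Desktop Gateway product, not in the firewall, so it is not shown here.

```powershell
# Added example, not part of the original Insight. Run in an elevated PowerShell session.
# ASSUMPTION: the VPN hands out client addresses in 10.8.0.0/24 (replace with yours).
$VpnSubnet = '10.8.0.0/24'
$RdpRegKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

function Get-RdpExposure {
    # Lists the enabled inbound Remote Desktop rules and whether each one accepts
    # connections from 'Any' address, i.e. is exposed if the host faces the Internet.
    Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Direction Inbound -Enabled True |
        ForEach-Object {
            $remote = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
            [pscustomobject]@{
                Rule          = $_.DisplayName
                RemoteAddress = $remote
                OpenToAll     = ($remote -eq 'Any')
            }
        }
}

function Test-RdpNla {
    # Network Level Authentication makes RDP authenticate the user before a
    # session is created, so unauthenticated clients get no logon screen at all.
    $value = Get-ItemPropertyValue -Path $RdpRegKey -Name UserAuthentication
    return ($value -eq 1)
}

function Set-RdpVpnOnly {
    param([string]$Subnet)
    # Weak state: the default 'Remote Desktop - User Mode (TCP-In)' rule allows 3389 from Any.
    # Hardened state: disable the defaults and allow 3389 only from the VPN subnet.
    Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Direction Inbound |
        Disable-NetFirewallRule

    # ASSUMPTION: the rule name below is our own label, not a Windows default.
    if (-not (Get-NetFirewallRule -DisplayName 'RDP from VPN only' -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName 'RDP from VPN only' `
            -Direction Inbound -Protocol TCP -LocalPort 3389 `
            -RemoteAddress $Subnet -Action Allow -Profile Domain,Private | Out-Null
    }

    # Require NLA (1 = required).
    Set-ItemProperty -Path $RdpRegKey -Name UserAuthentication -Value 1 -Type DWord
}

# Usage: audit first, harden, then audit again.
Write-Host 'Before:'; Get-RdpExposure | Format-Table -AutoSize
Set-RdpVpnOnly -Subnet $VpnSubnet
Write-Host 'After:';  Get-RdpExposure | Format-Table -AutoSize
Write-Host ("NLA required: {0}" -f (Test-RdpNla))
```

If Get-RdpExposure still shows a row with OpenToAll set to True after hardening, some other rule or product is publishing 3389; and on a cloud-hosted server remember that the provider's security group or network ACL sits in front of the Windows firewall and needs the same restriction.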
Patch, patch, patch!
In 2017 WannaCry attacked unpatched Windows machines to devastating effect, bringing the NHS to its knees. In 2021 ransomware gangs still attack unpatched systems as a way to spread through target networks and silently steal your data before launching their encryption.
Luckily, patching hygiene is a really easy win. Almost all software comes with auto-update capabilities. Updates can be scheduled after hours and rolled back if they cause issues. So for your everyday devices, please, please use it. Yes, you may get the occasional issue where an update stops something from working, so use with caution and, where necessary, test. But generally the odd hiccup here and there is preferable to a skull and crossbones on your desktop on a chilly Monday morning!
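As an added example (not from the original Insight), the following PowerShell does two things the paragraph above asks for on a Windows machine: it reports how long ago the machine last received a Windows update, flagging it as stale past a threshold, and it sets the Windows Update policy to download automatically and install on a daily after-hours schedule. The 30-day threshold and the 03:00 install hour are illustrative choices of mine, not a standard; the registry values are the ones Group Policy itself writes.

```powershell
# Added example, not part of the original Insight. Run in an elevated PowerShell session.

function Get-PatchAge {
    param([int]$MaxDays = 30)   # ASSUMPTION: 30 days is an illustrative threshold
    # Get-HotFix lists installed Windows updates. The newest InstalledOn date is a
    # cheap proxy for "when was this machine last patched"; it does not cover every
    # product (third-party software has its own updaters), so treat it as a floor.
    $latest = Get-HotFix |
        Where-Object { $_.InstalledOn } |          # some entries carry no date
        Sort-Object InstalledOn -Descending |
        Select-Object -First 1
    $age = if ($latest) { (New-TimeSpan -Start $latest.InstalledOn -End (Get-Date)).Days } else { $null }
    [pscustomobject]@{
        Computer    = $env:COMPUTERNAME
        LastHotFix  = if ($latest) { $latest.HotFixID } else { 'none' }
        InstalledOn = if ($latest) { $latest.InstalledOn } else { $null }
        DaysSince   = $age
        Stale       = ($null -eq $age) -or ($age -gt $MaxDays)
    }
}

function Set-AfterHoursAutoUpdate {
    param([int]$Hour = 3)       # ASSUMPTION: 03:00 local time is an illustrative slot
    # Policy keys read by Windows Update (the same ones Group Policy writes):
    #   NoAutoUpdate 0          = automatic updates enabled
    #   AUOptions 4             = download automatically and install on the schedule below
    #   ScheduledInstallDay 0   = every day
    #   ScheduledInstallTime N  = hour of the day (0-23)
    $au = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'
    if (-not (Test-Path $au)) { New-Item -Path $au -Force | Out-Null }
    Set-ItemProperty -Path $au -Name NoAutoUpdate         -Value 0     -Type DWord
    Set-ItemProperty -Path $au -Name AUOptions            -Value 4     -Type DWord
    Set-ItemProperty -Path $au -Name ScheduledInstallDay  -Value 0     -Type DWord
    Set-ItemProperty -Path $au -Name ScheduledInstallTime -Value $Hour -Type DWord
}

# Usage: report first, then apply the after-hours schedule.
$report = Get-PatchAge -MaxDays 30
$report | Format-List
if ($report.Stale) {
    Write-Warning ("{0} has not received a Windows update for {1} days" -f $report.Computer, $report.DaysSince)
}
Set-AfterHoursAutoUpdate -Hour 3
```

Running Get-PatchAge across your fleet (for example through a remoting session) gives the "who is behind" list the paragraph is asking you to keep on top of. For the roll-back case, the HotFixID it reports is the KB number you pass to the built-in wusa.exe /uninstall /kb:<number> to remove a single problematic update.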
Turn your staff into defence Ninjas
Ransomware gangs don’t just strike at random. They often pick very specific targets. For instance, they love the education sector because of all that highly sensitive, GDPR-relevant data. So when they write phishing emails, those are really targeted too. By which I mean they are really, really good (in a bad way!). And they love phishing emails because that’s one way they drop initial attacks onto your network.
The good news is that they generally give the game away. They normally try to trick staff into clicking a link, opening an attachment or something similar. So with good training your staff will notice they are being tricked. And even better, when they notice they can tell other staff, so they are on the lookout too.
So give your staff regular ransomware awareness training, and together they can become the vital first line of defence.
I hope that you have found this Insight useful. If you would like to know anything else about how to protect against ransomware please do feel free to get in contact.
Head of Consultancy
*Warning from the National Cyber Security Centre: https://www.ncsc.gov.uk/news/alert-targeted-ransomware-attacks-on-uk-education-sector