Your money or your data! Counting the costs of ransomware

/in


A spike in ransomware attacks on schools should be spurring leaders – and the Department for Education – to pre-emptive action, writes Hayley Dunn

Since February, there has been a disturbing rise in ransomware attacks on schools, prompting the National Cyber Security Centre to issue an alert to the sector in March. So while we welcome the government’s announcement that it is responding with training and guidance, we are concerned that they are simply not doing enough relative to the size of the risk.

A faceless crime, ransomware is a type of cyber attack that prevents users from accessing their IT system and/or the data it holds. Usually, large amounts of data are encrypted, but fraudsters may also steal or delete it. An initial attack will be promptly followed by a threatening demand for funds in the form of cryptocurrency to release or restore the compromised files.

As those who have been attacked will attest, ransomware has a devastating impact. Restoring services to their usual capacity and functionality can take weeks, if not months, of work. And imagine the burden of responsibility on the individual – staff or student – who unwittingly clicked the link that triggered the attack.

Cybercrime is nothing new to the sector, but attackers have become more devious. Their previous modus operandi of blocking access and locking users out of their data was largely thwarted by the move to offsite backups and cloud-based technologies, which protect information and reduce the impact of disabling hardware.

Now, they have moved to focus on confidential and sensitive information. They target networks using remote access systems and virtual private networks, often using convincing phishing emails designed to catch out unwary employees to deploy their ransomware. These are aimed at exploiting unpatched software vulnerabilities, weak passwords and lack of multi-factor authentication processes. Most mobile phones, for example, have only one-step authentication via a passcode.

Cybercrime is not new but attackers have become more devious

The NCSC reports the new trend is to threaten to publish stolen sensitive information. Given the volume of highly sensitive pupil and…

Source…