The Rockville Centre school district in Long Island, New York was hit with Ryuk Ransomware this summer. The ransomware encrypted files on their server and they had to pay nearly $100,000 to unlock their data.
A neighboring school district in Mineola, Long Island was also hit. However, instead of paying the ransom, they were able to restore their data from backups. They had a complete and restorable backup so they could rebuild their network if it was ever affected.
Ransomware attacks continue to hit federal, state and local government agencies across the U.S. They have hit more than 170 county, city, and state governments in the last 6 years, with most occurring in the first half of 2019.
How Did the Ryuk Ransomware Get Into These Systems?
The superintendent of Nassau BOCES, Robert Dillion, reported that ransomware "is introduced innocently into an organization as an email." When an employee mistakenly opens it and clicks on a link or attachment, "the malware enters your system to find a place to hide, and at a future time, it erupts and corrupts your system. The people who send it, sell it to a third party, which encrypts it, and then the ransom is demanded."
The education sector is especially at risk because good backups are expensive and they don’t budget well for IT. As more and more ransomware attacks are getting through, school systems, government entities and all businesses absolutely need a good disaster recovery plan, and rock-solid tested backups.
What Does It Mean To Backup Data Correctly?
Backup and Disaster Recovery (BDR) requirements vary from organization to organization. But there are 5 key features that you should look for…
1. Hardware Compatibility. Your BDR Solution should offer the compatibility you need across all of your appliances. It should also provide flexibility for your users.
2. 24x7x365 Technical Support. Disasters occur at any time of the day or night. So you need a BDR solution that's backed by an IT provider who will be there for you no matter what time of day or day of the week it is.
3. Redundancy In The Cloud. You need more than just a backup onsite. If you can't get into your office, then you can't access your backup. Your BDR solution should leverage the Cloud for additional security and recoverability. It must have the capability to keep things running when disaster strikes.
4. Proven Recovery Time Objective (RTO). Downtime is costly. So it's critical that you can recover your data quickly and easily. Look for a solution and IT provider who can promise that RTOs are measured in minutes, not hours or days.
5. Is Cost-Effective & Meets Your Changing Requirements. You have to watch every dollar you spend. The BDR Solution that your IT support company provides should meet your needs while not breaking the bank. And look for a provider who can scale your BDR solution to meet your changing requirements.
What Else Can Schools & Businesses Do?
Train Your Users To Recognize and Avoid Phishing Emails.
Not only are recoverable and restorable data backups a must, but schools and organizations should also provide Security Awareness Training and simulated phishing attacks to teach employees how to recognize malicious emails. A good Managed Security Service Provider can provide this.
Security Awareness Training is essential. And you must continue training and testing your employees for effectiveness. Once users get proper cybersecurity training, understand that they will be tested regularly and that there are repercussions for repeated failures, their behavior changes. Users develop a less trusting attitude and get much better at spotting a malicious email, which significantly increases your cybersecurity posture.
Schedule Regular Cybersecurity Assessments
This is an annual or quarterly analysis that includes deep-level network and security assessments, vulnerability testing and reporting to accurately identify any security gaps. Based on the Cybersecurity Assessment findings, IT experts will provide recommendations and help to create a customized cybersecurity remediation plan for your organization.
These Assessments perform a non-invasive scan of your entire network, and everything connected to it, seeking out vulnerabilities that might be open to a hacker who manages to get by the network edge protection, or from a malicious internal source.
Reports are generated and provided to you so you can see if there are any gaps in your protection. They provide a higher level of assurance that you are doing everything possible to protect the security of your IT assets. With regular Cybersecurity Assessments, you'll have an excellent overview of exactly what’s going on in your network and what exposure you may have sustained.
Your Homework Assignment?
With a sound Backup and Disaster Recovery Plan, Security Awareness Training, and Cybersecurity Assessments, your IT service company can protect your technology assets, guard against ransomware attacks, and lock the hackers out.
Anthony has been in the MSP business since before the acronym existed. Managed IT once started as break-fix solutions and some light phone support.
Since then, he has seen the industry flourish into a landscape of platforms, cloud servers, software tools and AI . Tailoring network configurations and software stacks to the specific needs of each business.
In his current role, he focuses on proactive planning, ensuring clients can avoid potential issues altogether. This involves meticulous planning for enhanced business continuity, allowing swift resolution of any unforeseen challenges. What initially began as addressing "fires" through break-fix solutions has evolved into a proactive approach, ensuring that such issues are prevented from arising in the first place.
