Data Backup Digest

Ransomware is becoming an overwhelming problem for US schools. Ransomware is where malicious attackers get hold of data and then lock it behind encryption, forcing people to pay the attackers in hope that they will provide the decryption key.

In the first nine months of 2019, over 500 US schools were hit with ransomware attacks due to infections at 54 educational organisations. That’s according to a report from Armor.

It’s a huge rise from last year. A document from the K-12 Cybersecurity Resource Center shows that of the 119 cybersecurity incidents reported by US K-12 schools, only 11 were because of ransomware. That means this year has seen attacks grow nearly five times in rate.

Crowder College in Neosho, Missouri, claimed that hackers had demanded $1.6 million to provide the decryption key to unlock the data they were holding at ransom. That’s the highest ransom demand from all the school districts.

If you look at a report from Emsisoft, however, their numbers show that 1051 schools were hit by ransomware.

Whatever the exact figure, what both reports agree on is the sudden increase in which ransomware is targeting US educational facilities.

To try and combat this, the US Senate passed a bill called the DHS Cyber Hunt and Incident Response Teams Act. This would create response teams to help public and private entities defend against cybercrime. It’s expected the bill will be signed into law in the next couple of months.

Some government offices impacted were those in the East Baton Rouge Parish in Louisiana. To protect themselves, and the schools, they plan to spend $215000 to improve their backup systems.

The School Board have given preliminary approval to the purchase of storage equipment and cybersecurity services and is expected to give final approval soon.

“In the past couple of days, we’ve had 20,000 attempts to put some viral malware onto our system that we’ve been able to stop,” said Richard Ellis, Chief Technology Officer, speaking to the board. “We have to update. It’s kinda mandatory. If we don’t, we’ll face the ramifications.”

The plan is to buy storage equipment from CMA Technology Solutions, alongside three years cybersecurity services. Ellis said the purchase would let his team update the district’s current backup systems.

Those backup systems would cover all sorts of mission critical data from systems in finance, human resources, directory services, and more.

CMA is a vendor for Dell and the school will be utilising their state contract for an integrated data protection appliance. This will store data locally and off-site, providing redundancy with air gap security. The firm will also help the district with data recovery, should there be an attack.

It’s likely that other districts will soon follow suit. The threat of ransomware shows no signs of slowing down. However, it’s fairly straightforward to overcome providing the backups are in good shape – the ransom demands are useless if the data can be restored. While it’s a costly process, in both time and money, it’s far cheaper than fuelling cybercrime.