How to protect school networks from ransomware attacks

by Dennis Pierce

The “WannaCry” ransomware attack that hit business, hospital, and school networks on May 12 served as a stark reminder of the need for school IT leaders to protect their networks.

This worldwide attack infected more than 100,000 computers in at least 104 countries, Reuters reported. It tricked people into opening malicious attachments to email messages that seemed to contain invoices, job offers, security warnings, and other legitimate files.

Once opened, the files used spying tools believed to have been developed by the U.S. National Security Agency. According to Reuters, these tools silently infected other out-of-date machines on the network without any human intervention by exploiting security vulnerabilities in older versions of Microsoft’s Windows operating system. 

The attack encrypted data on the infected computers, and those responsible demanded payments of up to $600 to restore access.

The ransomware attack targeted Windows computers that lacked patches released by Microsoft in March, as well as older machines running software that Microsoft no longer supports (like Windows XP).

School networks in China, hospitals in Indonesia, and a Nissan manufacturing plant in England were reportedly among the institutions affected.

This attack shows the importance of keeping operating systems and security patches up to date on all computers connected to school networks, said John Roberts, Lead Channel Manager for AT&T Education Marketing.

Besides keeping systems and patches up to date, here are four other strategies that school IT leaders can use to help safeguard their networks from ransomware attacks like WannaCry:

1. Back up your data frequently

“If your data is suddenly blocked off and a ransom is demanded, you can restore your system quickly and easily to avoid having to pay the ransom if you have been backing up your data regularly,” Roberts explained.

2. Use a multi-layered approach

Use technologies such as:

  • Next-generation firewall
  • Intrusion protection system
  • High-quality, up-to-date antivirus system
  • Email and web filtering

3. Educate your network users

“Regularly remind students and employees not to open attachments if they’re from an unknown source,” Roberts said. “Provide examples of phishing emails, so that staff and students can learn to recognize possible threats.”

4. Turn to outside experts for help

“Consider using a cybersecurity consulting service to find potential vulnerabilities in your network,” he suggested. “AT&T can help identify gaps in your current cybersecurity plan as it exists today.”