One of the biggest threats that mankind is suffering from now is a cyber attack. The rate of cyberattacks has increased to a mammoth extent in the last few years. A report claims that Cyber attacks have been rated the fifth top-rated risk in 2020 and are a superior new normal that the public is getting accustomed to. Cybersecurity experts are seeing a lethal danger ahead as they predict that cybercrimewill get doubled by 2025 while the rate of detection is as low as 0.05% in the US.
During the pandemic, the whole world began functioning digitally. From national security to shopping for groceries things became totally virtual. Remote learning became popular and the education management system completely became software-based as school administrators figured out that the only way to keep the education flow smooth is to transform the entire system digitally. The educational administration and management program strongly supported this approach to continue the streak.
Thousands and thousands of school information systems like websites, online learning platforms, etc., got hacked by hackers. This global ransomware attack on schools’ information systems grew rapidly during the pandemic. The rise of ransomware attacks increased by around 72-75% during the first half of 2020 and 77 ransomware campaigns were being observed during the first months of the Covid-19 outspread.
Now, who does ransomware target? People in the education administration positions while creatinine secured strategies for digital education management and planning for better amenities came across a surprising fact regarding ransomware attacks. With the skyrocketing of cybercrimes, these top ransomware targets critical infrastructure of the national security, business processes, school management software, theatres, and everywhere else.
Learn how educational leaders adapt themselves in the field of virtual learning:
The cybersecurity firms have given this report on cybercrimes.
- Insufficient security measures: 45% of businesses and entities that have suffered ransomware attacks have said that their processes are ineffective at mitigating attacks.
- Frequency of attacks: 66% have experienced a cyber attack in the past 12 months.
- Background of attacks: 69% say that cyber attacks are becoming more targeted.
In September 2021, a Malaysian web-hosting service was targeted by a ransomware attack, and it demanded US$ 900,000 in cryptocurrency. In May 2021, four subsidiaries of an international insurance company in Thailand, Malaysia, Hong Kong, and the Philippines were hit by a ransomware attack asking for US$ 20 million. Thailand faced a similar kind of attack last September where computer systems and data of several hospitals, companies, and organizations were encrypted and blocked.
Educational leadership, healthcare organizations, law & enforcement, etc., have stated many multiple ways that ransomware attacks a cyber security system. The general anatomy looks like this:
- The hacker sends a phishing mail to the recipient.
- The recipient unknowingly clicks the click as the link does not always enter the spam box.
- As soon as the link gets opened, the malware unpacks itself.
- The hacker gets control of the ‘public key’ just as the malware unpacks itself and starts encrypting important files.
- The user, on the other hand, gets a ransomware screen as the files get encrypted.
- The hacker demands ransom from the recipient and handovers the ‘private key’ only if the user pays the ransom.
- On receiving the ‘private key’, the user receives the decrypted file.
There can be multiple ways a hacker throws ransomware attacks. This is just the normal anatomy of a ransomware attack.
So there are certain things that educational leaders feel we all should learn from ransomware attacks. Let’s check those out now.
Password security: While we sign up for any app on our mobile phones, it always suggests a strong password. The majority of us decline to use it and update a password of our choice. We all have noticed that in the password requirement, those apps mention that a password should be a minimum of 8 characters having a special character, a digit or a number, a letter in caps, etc., All these are done to ensure that the password we create is beyond the level of a hacker to crack.
Investment in cybersecurity system: Cybersecurity experts are saying that in another 5 years the investment in a cybersecurity system will surpass many other important domains of countries. Schools should ask their software provider if they engage in penetration testing. This is comparable to an active shooter drill the school might conduct, only for cyber attacks. Annual, sophisticated penetration testing is part of Finalsite’s security plan.
Having a Plan-B is always necessary: School administrators suggest keeping a backup plan ready where vital files, documents, contacts, etc., all should be kept in an alternative security vault. Alternate tools must be ready as well to perform in the hours of need or during the arrival of such critical scenarios.
Try to make friends with the media: Reaching out to people through media is one of the effective ways of tackling the ransomware attack problem. Recently, in West Bengal, India, INR 16 lacs has been withdrawn from a medium-based organization through lending apps. The owner is an ethical hacker and has contributed a lot to society via robotics, creating beneficial algorithms, data analysis, and so on.
He finally managed to crack the algorithm of one such money-lending app and was shocked to see the algorithm. He said that the app was lending money and itself blocked the option of receiving money from the borrower. Instead, it hacked the entire contact list of the user and started sending notifications to that list. Their final attack is to send photoshopped porn MMS of the user to the entire contact list. He reported this to the news media and the CID department and thus, the public came to know about this incident.
Engaging law & enforcement from the beginning: Law enforcement and security experts can provide invaluable insight on how to counter an attack and enable fast legal intervention.
Achieving 100% security against ransomware attacks on schools is definitely possible but educational administration and management program says that following these steps might help to some extent. You can speak with someone from this program to know more about ransomware attacks on schools by calling this toll-free number: 1800-212-6400.
Written By : Soma Adhikari