How to Protect Your Organization From Ransomware


In 2020, just as the coronavirus pandemic began, cybercriminals turned their focus to higher education and started targeting colleges and universities like never before. The number of ransomware attacks increased exponentially. A few years ago, in 2018, the average ransomware demand was under $10,000, and the number of ransomware attacks was relatively low.

Currently, both the number of attacks and demand have skyrocketed, with the demands often over $1 million. Although the FBI has warned against paying these demands, some colleges and universities have made the payments because not paying them seemed far riskier.

During a ransomware attack, cybercriminals infiltrate the organization's systems and block access across the entire organization. They then encrypt the stolen data, making it nearly impossible to regain access. The attackers threaten to release confidential information belonging to the organization itself or to its students and staff members. Because colleges and universities keep highly sensitive student data, such as addresses, Social Security numbers, and birthdates, they have become a prime target, surpassing other industries.

The FBI advises against paying the ransom because there is no guarantee the criminals will provide the key that unlocks the encrypted data. Even if the key is provided, there is no guarantee how much of the information will still be intact or, worse, whether the data will be returned undamaged. Another concern is that it is unknown what activities the extortion is funding. Getting paid may encourage the cybercriminals to continue their extortion efforts, and it may also encourage others to join in these crimes since it worked for their counterparts.

Formerly, the masterminds behind these awful extortions were incredibly tech-savvy individuals who were well versed in cybercrime. However, with recent developments in technology, ransomware marketplaces sell malware to just about anyone willing to pay the price. The authors of the malware face fewer risks and still receive a financial gain. Furthermore, since the hackers request payment in anonymous cryptocurrency, the FBI has had difficulty tracing the money trail and locating the criminals.

So what can organizations do to protect themselves from ransomware attacks? Make a plan. Most organizations do not have a plan, and not being prepared can lead to irreparable damage to both the organization and the people it serves. Exploring options before a data breach and knowing what steps to take should the unthinkable occur can be the difference between a minor inconvenience and a major catastrophe.

To minimize the threat, it is a great idea to begin training staff and students to recognize what ransomware may look like and to understand its devastating effects. Since many organizations have moved to a hybrid setup with employees working from home or in public locations, security risks have increased tremendously. Such training would teach users to be wary of strange or unexpected emails, never to click on random links, which are often the source of malware, and to be careful when clicking on or responding to unexpected text messages.

Users should learn to operate with a zero-trust mindset. Before opening unexpected messages, clicking on pop-ups, or providing confidential information, verify the request's source. It is always best practice to assume a security breach rather than give the benefit of the doubt.

Additionally, restricting each user's access to only the information necessary to perform their tasks is an added security measure worth implementing. Other protections include, but are not limited to, using multi-factor authentication, browsing the web safely, backing up your data, and then securing the backup itself. While these methods are not guaranteed to keep cybercriminals away, they certainly make the organization a more challenging and discouraging target for someone looking for an easy mark.