Ransomware Puts Schools in Detention

Jan 09, 2017

Ransomware Puts Schools in Detention

BY Sarah Roberts


Last month we were introduced to GoldenEye, a malicious strain of ransomware which targeted the Human Resource departments of several companies in Germany by impersonating a potential candidate. Today, it emerged that copy-cat scammers are now targeting staff in schools. 

According to Schools Week, this attack is much more than a phishing email. A cold caller claims they’re from the ‘Department of Education’ in order to extract email addresses - often citing personal information about the head teacher to help their case. This change in behavior shows that cyber criminals are now willing to work much harder to hit their target. 

The hackers then use these to send Zip files, which claim to contain anything from ‘exam guidelines to mental health assessments’.  Once opened, these release a virus which quickly encrypts all files. The malware then demands up to £8,000 (over $9,700) in ransom. 

It is therefore vital that schools review their data backup procedures to ensure that they not only have copies of all critical data, but can restore their data smoothly in the event of a ransomware incident. 

And Backup is just the first step; if schools have the ability to recover lost data quickly, they can keep the school functioning with minimal downtime and interruption, and without paying a ransom.

Schools are also advised not to pay, as research has shown that a quarter of organizations do not receive their data even after payment. A blended security approach is what schools need - educating users, updating all software to the latest patched versions, installing AV, and most importantly, ensuring backups are in place.

Subscribe to the Blog