How your school district can prepare for a ransomware attack?
Listen now
Description
Cybersecurity Incidents Strike Often If the Colonial Pipeline ransomware attack had a silver lining, it was that it brought worldwide awareness to the fact that ransomware attacks are a costly epidemic. For years, school districts have been a target of such attacks creating costly headaches for those trying to educate our children. A report highlighted on EdSurge says a new cybersecurity incident strikes K-12 schools nearly every three days. For most districts, the challenge of protecting data is a chief responsibility of the director of technology. The person charged with guarding that data has to prepare for attacks in several forms, which include but are not limited to. * Denial of Service Attacks * Phishing Scams * Ransomware How to “mitigate” the problem? “The key is not complete containment. That is not possible,” says SchoolStatus CEO Russ Davis. “The gold standard is mitigation.” Davis has been working with school districts for over a decade and he says there are steps districts can take to reduce risk to a reasonable amount. Davis believes that districts need to have policies and plans in place to prevent extreme damage from cyberattacks. “What happens when there is a breach? What do we do?” Davis says these are the types of conversations districts should be having. Don’t store student’s social security information Dane Conrad, who is the technical onboarding specialist at SchoolStatus spent the past few decades serving as the Director of Technology for large school districts. Conrad says they quit storing student’s social security numbers in their SIS (Student Information Systems). Conrad says criminals would love to have students' social security numbers because those socials often go unchecked for foul play. “If somebody steals my identity and they use my social security number. Typically I’ll fumble upon it. So I’ll see information being accessed on my credit card or my debit card,” says Conrad. “But for a student, they are not necessarily in that environment.” Conrad says criminals could use that number for years before anyone realizes the damage. Superintendents should ask their director of technology if they’re storing student socials anywhere on their servers. If so, find out why? Is it a necessity? Educate about Phishing One of the most common ways districts are compromised comes from phishing attempts. This is typically when a fraudulent email tricks employees into handing over sensitive information. Often employees may be tricked into handing over their login credentials. Conrad says it’s critical for districts to educate their staff about what a phishing attempt may look like. He also recommends using a resource like knowbe4.com. He says they offer literature you can share with employees and they’ll even run phishing attempts to test the system and see where you may have vulnerabilities. How to combat Denial Of Service Attacks A Denial of Service AKA DDOS attack occurs when multiple systems flood bandwidth or web servers. As a result, your school's network could be temporarily shut down. Davis says having a quality ISP (Internet Service Provider) can help prevent this. He says that good ISPs offer intrusion prevention and detection systems. He also suggests that districts should tighten up their fi...
More Episodes
Published 03/16/24
In the fast-paced world we inhabit today, intelligence is no longer confined to the realm of IQ scores and academic prowess. An equally important aspect of personal development is emotional intelligence (EI). This term, now ubiquitous in discussions about personal growth and success, was traced...
Published 03/16/24
In an intriguing twist of technological irony, the Peninsula School District in Washington State has embarked on a pioneering journey by utilizing Generative AI (Gen AI) to develop comprehensive guidelines for integrating artificial intelligence (AI) in educational settings. This innovative...
Published 03/04/24