When news broke last week of cyber attacks threatening systems in nearly 150 countries, the first thing I did was rush to make sure my home PC was protected. (It was.) It’s likely that individuals and organizations—including K-12 schools, colleges and universities—the world over had the same reaction, especially as word of the ransomware’s demands for thousand-dollar payoffs spread like the virus itself. In fact, “Prioritize cyber-hygiene,” that is, ensuring regular software patching and rigorous password management, is one of the three guiding security principles outlined in the Cisco whitepaper Tackling the Ransomware Threat: Guidance and Recommendations for Schools and Universities.
“Build user awareness,” another guiding principle, notes that the weakest link in any organization’s security structure is its users, not because they’re malicious, but because they’re human and cyber threats are often transmitted in attractive packages. (At home, my “weak link” and I share a PC, which is one reason I moved so quickly to check its status.) Though it isn’t entirely clear yet, it is possible that the WannaCry ransomware attack making headlines today was propagated through phishing emails or malicious website content.
So far, only colleges and universities in Asia have reported falling victim to the latest ransomware attack, but K-12 schools, colleges and universities—which balance the desire to offer ubiquitous access with the need to ensure security and protect privacy—are common targets of cyberattacks such as phishing or other attempts to access sensitive data. Institutions across the U.S. and around the world have paid the price: from tens of thousands (if not millions) of dollars in “ransom,” to mandatory investments in costly identity protection services for students whose data has been stolen, to lost federal funds. According to Cisco’s 2017 Annual Cybersecurity Report more than one-third of all organizations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 percent.
It is no longer a matter of “if” your organization will suffer a security breach; it’s a matter of “when.” And for many, “when” has already happened—the breach just hasn’t been discovered yet. This is why the final guiding security principle for tackling the ransomware threat is “Assume that breaches have taken place.” In this way, you can look at the entire threat spectrum—before, during and after an attack—to protect, detect, or remediate any malicious activity that comes your way.
Ransomware and other cyber threats can be frightening and understanding all the variables can be a daunting task. Attending this upcoming webinar is one way you can find out more. You’ll also find some other great resources here.