Schools around the country are fighting a wave of ransomware attacks by cybercriminals. The U.S. Treasury Department points out, that unfortunately, these attacks have increased during the coronavirus pandemic. Why are schools such a tempting target? Often these institutions have thinly staffed IT departments and networks full of student and staff data.

To be fully prepared for a cyberattack, educators on all levels, from superintendents and board members to teachers and even parents working with students remotely, need to know the proper steps to take when handling a cyber threat. “Any cyber-attack, ransomware or otherwise, should be met with a tested response. Schools and school districts need to develop and exercise their incident response plans before an attack happens, similar to fire drills or active shooter drills,” says Kristen Pedersen, NUARI Associate Vice President.

A recent article in The Wall Street Journal highlights this current wave of attacks documenting nearly three dozen ransomware attacks against school districts since the pandemic began in March.

That tally, affecting districts educating more than 700,000 students, doesn’t include numerous private schools, community colleges and universities that have also come under attack.

Technology has allowed us to adopt new ways of working and learning. It’s also permitted cybercriminals to find new ways of obtaining personal information. Karen Bates, the Deputy Director of NUARI’s Security Situation Center, notes – “The largest vector for ransomware attacks like this is thru email or phishing. This puts first-line defense for a network on the end-user.”

So what can states, cities, school districts, teachers and parents do to prepare for a ransomware attack?

Preparation is key. NUARI’s DECIDE exercises (Distributed Environment for Critical Infrastructure Decision-making Exercises) simulate cyber-attacks for organizations which can improve strategic communication, compliance, risk, and overall resilience.

Additionally, organizations can find protection through services like the NUARI SSC (similar to a Security Operations Center). The NUARI SSC shares and receives information from federal and state law enforcement partners/agencies for increased protection against threats. This relationship enables NUARI to take a more proactive approach to cyber threats on the networks served. The NUARI SSC provides threat hunting, monitoring, detection, mitigation, and reporting improving any organization’s resilience against cyber-attacks.