After the weekend that organisations across the globe including the NHS have had dealing with the aftermath of a cyber attack using Ransomware, it could be a good time to make what we do as schools to not be the next victim. This attack has show the size and complexity of the challenges faced by organisation but also the potential impact if an attack is successful. It will be interesting to see when the investigation is complete what the route of the attack was for one of this size, although currently it is being profiled as one of out of date software and the vulnerabilities within that (http://www.bbc.co.uk/news/technology-39915440).
I think there has been a belief that schools and other organisations that ‘don’t make money’ are not on the target list for these criminals, however this weekend has shown that it isn’t the case. Many of these attacks are not targeted on organisations but on known vulnerabilities in systems or speculative social engineering attacks such as ‘ Phishing’.
It is critical that schools make sure that the systems are patched with the latest software updates to make sure that they don’t fall foul of the WannaCry Ransomware .
For the latest guidance from the National Cyber Security Centre click here.
For advice on how to protect your organisation from Ransomware click here
We have to remember that the people undertaking such attacks are often appear to only be asking for relatively small sums per machine, paid in BitCoin but multiply that by the number of devices in the school and quickly builds. In addition consider the inconvenience to the day to day running of the school, the possible non-return of data even if the ransom is paid (remember we are dealing with criminals) and the reputational damage to a school could be significant.
If you would like to know more about how we can help schools to stay safe, don’t hesitate to get in touch.