6 Ransomware Defense Tips for Schools and Colleges


Hackers and cybercriminals see schools as easy targets because these institutions usually don’t have the budget to invest in robust cybersecurity measures. And schools hold plenty of sensitive information, from student records to financial information to research data.

With the pandemic’s push to remote learning adding new vulnerabilities and the rise of threats targeting schools, IT pros responsible for data resiliency are facing many new challenges.

As TechTarget points out in a recent article, ransomware gangs keep attacking K-12 schools even though these victims are unlikely to pay a ransom. And a recent post by Emsisoft noted that the number of schools potentially affected by ransomware attacks nearly doubled from 2021 to 2022. A quick Google News search on the term “school ransomware” confirms this sad reality, returning headlines about attacks on school districts in Arizona, Massachusetts, Rhode Island, and Iowa—all of which occurred last week. The same trends hold true for colleges.

So what should you do if you’re responsible for your school’s ransomware defenses? Here are six tips to get you started:

1. Invest in Cybersecurity

Ransomware attacks cost U.S. schools and colleges $3.56 billion in 2021. No matter how small your budget may be, the cost of doing nothing will likely be more than the investment you need to make in cybersecurity technologies. It’s incumbent on you to convince your school, district, or college to find the budget to protect school and student data.

That money should go toward putting firewalls, antivirus and antimalware software, email filtering, and other prevention measures in place. If your school can afford it, network monitoring and network segmentation also offer ways to prevent or limit the damage caused by an attack.

While it’s not often included in cybersecurity conversations, a consistent patching program keeps your hardware and software up-to-date and secure. When a vendor sends an update alert, implement it immediately because the vulnerabilities being patched often serve as a target list for cybercriminals to exploit, knowing that many users won’t get around to handling the update quickly.

2. Train Your People

The Verizon 2022 Data Breach Investigations Report found that 82 percent of breaches involved the human element, including social attacks, errors, and misuse. Since you’re already in the business of educating people, add a curriculum that increases employee and student awareness of cybersecurity and the role they play in protecting school data.

Help everyone learn to recognize suspicious emails and websites and understand that they should only click on a link or download an attachment if they know the source. Then do regular testing to ensure these practices are continually reinforced—because new threats will never stop coming your way.

3. Update and Test Your Disaster Recovery Plan

Whether you’re responsible for a single school or a massive district like LAUSD, your disaster recovery plan should always be up to date. If you don’t have a current plan, you can find a step-by-step guide to creating one here. Once your plan is updated, test it to ensure it will work as expected if ransomware or another data disaster strikes. Then schedule regular tests so you can always be confident your school’s data is safeguarded.

4. Modernize Your Backup Strategy With Data Resiliency

The only way to be sure you can recover your data in any disaster is to follow the 3-2-1-1 backup strategy. You must keep three copies of your data (one primary and two backups). Store two copies locally on two formats (network-attached storage, tape, or a local drive) and one copy offsite in the cloud or secure storage.

The last “1” stands for immutable storage, where your backups are saved in a write-once-read-many-times format that can’t be altered or deleted—even by ransomware. Regardless of your IT budget, it’s essential to find a way to follow this strategy because it delivers unmatched data resiliency.

5. Never Pay the Ransom

The most high-profile attack last year targeted the Los Angeles Unified School District (LAUSD), the second-largest district in the U.S. The district’s refusal to pay the ransom led the hackers from Vice Society—believed to be a Russian-based intrusion, exfiltration, and extortion group—to release 500 GB of the stolen data.

According to the Federal Bureau of Investigation (FBI), the district did the right thing. The FBI doesn’t support paying a ransom in response to a ransomware attack because paying doesn’t guarantee your organization will get any data back. And it encourages the hackers to target more victims while attracting recruits to the ranks of cybercriminal organizations.

6. Get Expert Help

These threats make a case for schools to focus on ransomware defenses, investing where they can make the most impact. But with school IT teams often overburdened and constrained by tight budgets, seeking expert outside help is your best bet. Arcserve technology partners bring broad expertise that can help your school put the best solution in place that fits your budget.

Read how Arcserve partner Cymax helped a secondary school ensure ransomware recovery here and how one college increased its data protections while reducing its data backup costs by 50 percent with Arcserve products here.

You’ll also find a list of expert Arcserve technology partners here.