Lessons Learned
Organizations in general need to stop relying on end users to make security decisions, Thorpe said. They’re not qualified, they’re busy, and they have their day jobs to worry about.
“The common technology used to prevent ransomware and malware tries to identify bad stuff, whether it’s by signatures, patterns or behavioral analysis,” he said. “However these tools work, they rely on previous knowledge of what attacks look like. The problem is that cybercriminals are experts in innovation, so historical knowledge is no use for new, innovative attacks.”
Moreover, schools are a hot target because they tend to be less well defended than commercial organizations, Thorpe said. This may be due to funding, but the diverse student population is the easiest way in for the criminal.
“The ransom payouts may not be so great with schools but the outlay for the criminal in terms of time and money is also low,” he said. “Ransomware-as-a-service is easy to locate and low cost so the effort involved is minimal. But a successful attack is made more likely due to the lack of experience in IT security within the student population.”