Dear Customer,

There has been a marked increase in attacks on education institutions using a computer hacking strategy known as Ransomware.  Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or your data until a ransom is paid. Typically, the hacker accesses your computer system through phishing emails or by a user unknowingly visiting an infected website. Ransomware attacks can be devastating to an individual or an organization.  The hacker will demand payment in a cryptocurrency and usually will get paid their demands.  Since disclosure to student’s, accreditation and department of education is required, the school’s brand will be damaged by negative press.  

Here is a recent article regarding a Long Island school district that had to pay $100,000 in order to unlock the ransomware installed on their servers:  https://www.newsday.com/long-island/education/hackers-ramsomware-school-districts-1.35422441

DIY Protection:  

There are several anti-Ransomware software providers that can be purchased and applied to your servers and your computers.  The important subject is staying current with the latest version to assure that you are as fully protected as possible. 

Here is a link to reliable reviews of Anti-Ransomware vendors:  

https://www.pcmag.com/roundup/353231/the-best-ransomware-protection

Recent, off-premise backups can also be an effective defense strategy.  You will only lose the date you processed between backups, so frequent back-ups are imperative to a successful defense against a ransomware attack.  A successful strategy includes off-premise backups and adherence to a specific schedule of backups.

Commercial insurance providers now offer ransomware attack riders to your commercial policy.  While this will lessen the financial blow, it will do practically nothing for reputation damage.  

DCWS Customers:

The good news for DCWS Customers is, you have anti-Ransomware software running in the background of your online instance.  This software is kept up to date and current and is ranked as one of the top providers of anti-Ransomware software providers.

Also, your data is regularly backed up, so if ransomware (or any other virus) is detected, the anti-Ransomware software isolates the copy of the infected database and automatically rolls your database back to a prior version. Since backups are done every 24 hours, only the data entered between a successful attack and the last back up would be lost. 

Measures to consider:

Educate your users:  Host cybersecurity discussions to be sure everyone is aware of the threat of casually opening suspicious emails or visiting non-school business web sites from your school’s computers.

Buy and maintain anti-Ransomware software.  If you go this route, be sure to update the anti-Ransomware software on the supplier’s schedule.

Buy a commercial insurance policy or rider to cover the cost of paying ransomware should your defenses fail.

Locate a Public Relations firm who handles this type of bad press and can be hired to assist with creating a long-term plan of positive messaging to follow onto the bad press of a breach.

The simplest and easiest solution?  Upgrade to a provider, like Diamond Cloud Workspace, that provides anti-Ransomware protection as an essential part of their offering.  If you would like to strategize about your cyber security, please send me an email to set up a time to meet.  We are here to assist.

Best regards,

Jim Queen

Owner/CEO

Diamond SIS, Inc.

j.queen@diamondsis.com

818-746-5283