Dive Brief:

• School districts have become hot targets for cyber criminals but administrators can take a multi-tiered approach to protecting digital files that, even in the event of an attack, may help avoid payouts.
• According to eSchool News, a good first step is offering training and raising awareness among staff and student users to the threat of phishing schemes and the best ways to protect themselves.
• From there, districts should be sure their networks are secure from the back end with filtering and detection services, and they should also conduct routine backups so a ransomware attack can prompt a restore to the most recently saved backup rather than a ransom payment.

Dive Insight:

Horry County Schools in Conway, SC, paid close to $10,000 in ransom to get encrypted files back from hackers in early 2016. Administrators there decided paying the ransom and returning to normal operations right away was better than trying to unencrypt their data manually. Had the district practiced more routine backups, it might have been able to avoid the expense altogether.

An analysis by security ratings firm BitSight recently found education institutions face the highest ransomware attack rate of any industry — higher than government entities, healthcare organizations, energy companies or utilities, retailers and financial organizations. With more and more information from schools being digitized, administrators cannot afford to rest easy when it comes to cyber security.