1. First, look to prevention.
The best health is the ability to bounce back with as little downtime as possible, and the ability to do backups and to verify recovery and restoration is important. Drill the basics into employees by sharing advice in meetings, such as “don’t download software from dubious sources” and “don’t open email attachments that you aren’t expecting.” Lastly, there are free ransomware-protection tools like Cybereason’s RansomFree or Trend Micro’s Ransom Buster.
2. Next, get to know some of the local security community.
Ask people from local meetups, regional vendors, ISACA, or law enforcement to come and have a chat. Critically, know who you will call for help when things go wrong or there is an attack.
3. Finally, immediately isolate infected machines to minimize additional files and shared folder encryption.
The presence of malware can indicate a deeper presence, so don’t allow malware to get communications or updates. Take it offline and notify all users to be cautious.
I hope the horrors of the past go by the wayside and don’t rear up again. I don’t advocate vigilantism or hack-back in any way, but I do hope that those who intentionally target K-12 get a special kind of karmic payback. The best way to not be an accidental victim is to realize that we in the security community are here to help even for (and perhaps especially for) those who don’t have the budgets and departments to get help from anyone else.
- Is K-12 ready for skills-based hiring? - May 23, 2022
- How to build relationships with instructional coaches - May 20, 2022
- 3 keys to supporting students during a mental health crisis - May 20, 2022