Could you afford to lose your students’ GCSE work?
Do you think you would know the difference between a potentially threatening email or not? They can sometimes be more difficult to spot than you think as a member of staff at the Sir John Colfox Academy recently discovered.
The academy, located in Bridport, Dorset recently fell victim to a major cyber-attack on 28 February, in which an employee of the school accidently clicked on a malware-infected link within an email. Hackers in China forwarded the email via a server in Germany making it appear to be more legitimate and the link immediately initiated ransomware across the whole school network resulting in loss of access to hard-working students’ GCSE coursework.
The coursework, although not deleted, is now encrypted and the hackers are demanding a ransom in order to have the files restored. Dorset Police are investigating the attack while the GCSE students are holding out hope that their work can be recovered to help them achieve their future prospects. In the meantime, the school is also working with exam boards to ensure students are not penalised.
So, how can you prevent a similar attack?
Cyber-attacks, viruses and malware all pose an everyday, very serious threat to schools, businesses and even many individuals. One of the main issues is that these threats often take advantage of human nature, using expert techniques to develop malware that is sent through seemingly legitimate means, and exploits untrained or unaware users.
This attack could have most certainly been prevented and the GCSE students work not compromised, if the school had provided the tools to help staff recognise unusual and illegitimate emails.
That’s exactly why we’ve developed an e-learning course for schools to help staff learn and develop their understanding of cyber security, the potential threats and how to stay safe at work. Condensed into 7 easy-to-follow modules, the course is an essential tool and provides peace of mind when you are responsible for safeguarding pupils. Training is a great preventative measure in that it supports your staff to recognise potential threats more easily, and reduces the risk that simple but detrimental mistakes are made.
Staff training is not the only necessity when it comes to protecting your networks. The training only comes into play when the potential threat has entered your network, but there is much that can be done to reduce the threat further, without the variable of human nature. You can minimise your risk through four key steps:
- Training your staff: Ensure that your team are aware and understand the threats, by providing the tools to learn with Ease Training. Courses start from just £25.00 and on completion learners will receive a certificate.
- Protect your networks: Speak to your IT department to ensure that all of your systems are up to date with the latest anti-virus software. Make sure the antivirus is high-spec and not just the cheapest, so that it responds and adapts to the new advanced and mutating threats.
- Back it up: It is important to back up all of your networks to ensure that any work completed is saved remotely on a regular basis. Your back-up process should include additional virus scans to prevent the back-up of viruses already in your system. They also provide a great fail-safe so that if ransomware is activated, you can reinstate your network to a point prior to the activation, without paying the ransom or engaging with the hackers.
- Be in control: It is important to ensure that you have control over your networks and that students, teachers and guests all have varying levels of access to the internet. Using a multi-tiered user access system will allow you to control which users access what type of data, to reduce the risk of infection in the first place. Ask your IT company for help with this one!
For more information or to enrol your team onto our e-learning course for schools, please get in touch on 01285 770984 or email firstname.lastname@example.org