Here's what you need to know to prevent ransomware in 2023

This year has proven itself challenging in every way in terms of school security, especially when it comes to fending off cyber criminals. From high-profile ransomware attacks to leaks of confidential student and staff data on the dark web, K12 has seen it all.

But that can change.

Three years after its release, the Cybersecurity and Infrastructure Security Agency for the first time updated its this week as ransomware and double extortion continue to plague K12 schools.

For some, this may be a much-needed refresher course ahead of the 2023-24 school year considering the number of targeted cyberattacks, experts warned leaders.

In partnership with the FBI, National Security Agency and the Multi-State Information Sharing and Analysis Center, the guide reflects on lessons learned over the past several years in addition to some recommendations leaders should consider for keeping their student and staff data secure. The recommendations cover best practices for ransomware and data extortion prevention as well as a checklist district and IT leaders can follow.

What’s new?

As cyber criminals continue evolving their tactics, it’s imperative for schools to stay one step ahead to mitigate the risk of ransomware. To maintain relevancy and maximize effectiveness, CISA added some of the following changes to its guide:

For the first time, the FBI and NSA have been added as co-authors for their contributions and insight.
Implemented recommendations for preventing common initial infection vectors, including advanced forms of social engineering and compromised credentials.
Updates to recommendations for addressing cloud backups and zero trust architecture (ZTA).
Expanded its ransomware response checklist to include threat-hunting tips for detection and analysis.
Mapped recommendations to CISA’s (CPGs).

“This document is a one-stop resource to help organizations reduce the risk of ransomware incidents through best practices to detect, respond, and recover, including step-by-step approaches to address potential attacks,” according to CISA’s website.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

91��Ƭ

Here’s what you need to know to prevent and mitigate ransomware in 2023-24

The Always-On Insight and Networking Platform for Superintendents and Their Teams

Related Articles

How to maximize edtech–while regulating screen time

How to boost K12 morale so your educators stay