Ransomware is malicious software that encrypts files on a victim’s device or drives. The encrypted files are then unusable to anyone without the encryption key. Once the attack starts the ransomware warns the victim on how to pay a ransom in order to unlock their data. The cyber criminals may also threaten to expose or auction off the data if demands are not met. This can have a devastating impact on organisations with data potentially irretrievable or permanently compromised.
The Victorian Government Cyber Incident Response Service (CIRS) advises the following:
“Investing in preventative cyber security measures, such as keeping regular offline backups of business critical data and patching known security vulnerabilities, is more cost effective than the comparative costs incurred when attempting to recover from a ransomware incident.”
Your kindergarten and committee should decide on precautions against ransomware as part of the organisation’s Digital Strategy.
- Back-Up. Back-up important data to store offsite and offline such as backing up to a password protected removable drive that a staff member takes away from the kindergarten. This manual back-up regime can be complimented with an automated cloud back-up method with a trusted service.
- Antivirus. Ensure all computers have a licensed antivirus. Keep the program up-to-date and keep ‘heuristic functions’ enabled. Computers purchased through our program have an antivirus that we maintain for you.
- Software updates. Regularly run updates on Windows and Apple computers and internet connected devices such as tablets. If it is an option set updates to automate.
- Be vigilant & don’t assume trust. Learn to identify fake emails, check hyperlinks and examine email addresses in the ‘from’ field. Always question requests for your credentials and don’t click links in unsolicited emails.
- Password security. Keep passwords secure, do not use guessable passes. A password manager is an important tool and some support team accounts.
- Check file extensions. Turn on “Show file extensions” in the Windows File Explorer so you can see if a file is actually a program or script like ‘.exe’, ‘.vbs’ and ‘.scr’.
- Update knowledge. Learn more about prevention on the website No More Ransom! https://www.nomoreransom.org/en/prevention-advice.html
- Plan ahead. Have a plan to put into place if your organisation is attacked. Your technology staff and committee can develop a response plan with government resources: https://www.vic.gov.au/prepare-cyber-incident
- Act quickly. If you suspect a malicious program is running on your computer, disconnect it immediately from your network and the internet and contact your IT support service. You can unplug the network cable or turn off the Wi-Fi radio.
Learn more about ransomware in the latest publication from the Australian Cyber Security Centre – https://www.cyber.gov.au/acsc/view-all-content/publications/ransomware-australia