In 2019, 71% of organizations experienced Malware activity that spread from one employee to another. In 2020, that number fell to 60%, its lowest for the last three years, but Malware still remains a big problem for organisations and especially the education sector.
The name Malware is simply a combination of “Malicious” and “Software”. It is any software created to cause harm to a computer, network, systems, people, organisation, etc. This read will not only provide insight on Malware and its types, but will also give top tips on how to secure your school system and mitigate any cyberattacks.
Cybercriminals use malware for a variety of purposes like extorting money, selling data, personal revenge, damaging reputation, political motive, etc. For a better understanding, we should first know the different types of malware.
Computer worms – Computer worms are self-generating malware programs that infect other computers by replicating functional copies of themselves. Computer worms exploit vulnerabilities or poor network security resulting in the spread of malware.
Computer virus – A computer virus is a piece of code that inserts itself into the code of another program, and forces it to take malicious action and spread itself.
Trojan horses – Trojan horses trick users by pretending to be a legitimate program. The term is taken from the Ancient Greek story of the deceptive Trojan Horse that resulted in the fall of Troy.
Now that we know some of the types of malware, let us find out what happens once your computer or network comes into contact with them.
Unwanted advertisements – Adware inserts ads into the user's web browser, often as pop-ups, and compels users to click on them to download even more malware.
Spying – Spyware gathers information about users’ activities without their knowledge or approval. This can include passwords, payment information, PINs, and other personal data like photos etc.
Spyware attacks are not limited to computers and laptops; they can also target smartphones and tablets through apps. A keylogger is another insidious type of spyware that records every keystroke typed on the keyboard. It is often used to track and gain access through login credentials or steal personal information.
Extortion – Ransomware encrypts the data or denies access to the system until a ransom is paid. Such attacks can cause downtime, data breaches, intellectual property theft, and damage to reputation.
Malware has been around for decades, and so have the solutions to tackle it.
From a cybersecurity standpoint, the best thing you can do to protect your organization from malware-wielding offenders is to make yourself as challenging a target as possible.
Below are some of the effective malware preventive measures which can be used to protect your system and network from being targeted.
Anti-malware - Anti-malware or antivirus applications work by scanning the files of a computer against a list of known malware (often known as definitions or definition files).
Central management and reporting - A centralised anti-malware solution enables administrators to monitor the status of all devices on the network and can help prevent the spread of a virus if one device is infected.
Regular scans - A computer should be scheduled to automatically run virus scans at regular intervals, removing the need for manual scanning of the system.
Passive scanning - Most anti-malware solutions allow the program to run in the background and scan files as they are downloaded or accessed. This will often prevent a user from opening a file if malware is detected.
Active scanning - Active scanning scans the most common infection points that malware uses on computers.
Update definitions - Centralised anti-malware solutions can be used to ensure that all computers have the latest definition files for malware released by security companies.
Central notification - Notifications and alerts on central solutions are critical to ensuring that administrators are aware of any infection that occurs on the network or network-connected devices.
Central reporting - Reports from central solutions often highlight trends in attempts by malware to infect the network. Mostly, anti-malware solutions are successful in identifying and removing malicious files, and reporting can help identify the cause or origin of these.
Some other best practices apart from anti-malware will help to quickly recover and reinstate your system.
Limit access - Ensure access is given to only those users who require it. Limiting access will also limit the exposure and prevent the malware from spreading through the network.
Set email protection through security tools – Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting and Conformance (DMARC) are excellent tools to protect your organisation from receiving malware through email. As per a report, 92% of malware is spread through emails.
Backups - Data backups are crucial to operational continuity for schools. Effective backups aid quick recovery if malware removes access or infects the network. Infected data can be deleted and replaced with backups. Off-site cloud-based backups have been a successful cybersecurity strategy for many organisations to get their data restored and not fall prey to ransom demands of cybercriminals.
Firewalls - Host-based firewalls should be enabled to complement the firewall that should be in place on the network. Firewalls scan all connections to the devices and warn a user if a connection is from an unknown or malicious source.
Keep your system up-to-date - Software patching schedules and configuration profiles should be in place which dictate that all the important security updates for devices should be installed within 14 days of release.
Final thoughts
From K-12 schools to universities and colleges, the education sector was one of the most affected industries hit by malware in 2020. Lack of cybersecurity awareness and suboptimal cybersecurity practices make their systems easy to compromise.
The basic remedy for schools is to make their IT system robust and hard to target. Most cybercriminals go for the low-hanging fruit as they are looking for a substantial pay-out with minimal effort.
Marcus is a Senior Technical Consultant at 9ine, responsible for the on the ground management of new build / refurbishment projects. He specialises in the application and configuration of technical systems and services within schools, including mobile device management (MDM) systems. He holds a bachelor's degree in computer network management and design.