College and university business and financial offices are busy collecting student data and processing credit card payments for everything—from tuition to residence fees. University human resource departments regularly use employees' direct deposit and health insurance data. This stockpile of sensitive payment and personally identifiable student information, coupled with limited IT resources, makes schools a playground for cyber criminals. In fact, in 2016, education surpassed healthcare as the sector most targeted by ransomware, the fastest-growing cybercrime today.
Ransomware outbreaks, including Petya and WannaCry, cost businesses $1 billion in 2016. Even so, school administrators—even some IT professionals—have a false sense of security in their Mac-heavy environments, with usage rates of 70 percent in K-12 and 80 percent in higher ed.
While Macs are perceived as being “safe” from malware, the Mac’s small market share, rather than the vulnerability level of Mac OS X, may largely be the reason for fewer attacks. In fact, attacks on Macs were up 744 percent in 2016.
Ransomware is Getting Smarter
Ransomware doesn’t need to get into the macOS operating system itself, and it doesn’t even need special privileges. It just needs to target personal files stored in the user’s home directory. Hackers target unsuspecting users with malicious downloads launched from email and social media platforms. If they connect to your network, all it takes is a network vulnerability for the ransomware to take hold.
Hackers are creating new malware that runs on multiple platforms. They’re also scaling up attacks through ransomware-as-a-service (RaaS)—pre-configured ransomware packages offered to “franchisees” in exchange for a cut of the ransom money. FortiGuard Labs recently discovered an RaaS that uses a web portal hosted in a Tor network, possibly the first attack on a non-Windows operating system and the first RaaS to target macOS.
Education is Your Best Defense
While Mac-specific ransomware attacks haven’t hit the level of Windows occurrences, the risks—the encryption of files to prevent access—are equally serious. To avoid them, schools should:
- Patch early and often. Pay close attention to Apple’s security updates and apply all patches quickly.
- Back up devices. Use Apple’s Time Machine service to make redundant backups, storing the most critical information offline. Scan backups for vulnerabilities.
- Encrypt data stored on devices. While this may not be effective against many ransomware variants, it can protect against malware that is designed to steal files and data.
- Install an endpoint security client. Carefully research security vendors to ensure their solutions will protect devices and tie that security back into your network security strategy, allowing you to leverage and share threat intelligence.
- Cover all threat vectors. Email is still the biggest vehicle for transmitting ransomware, so deploy an appropriate email security solution, along with web security tools, wired and wireless access controls, cloud-based security, and network segmentation to detect, respond to and contain threats found anywhere in your distributed environment.
Ransomware is evolving, and educational institutions can’t afford to be lax. As a value-added distributor of the Fortinet Security Fabric, Fine Tec can help you ensure that your educational customers are aware of ransomware risks to Macs and have a plan in place to counter them.