Our parishes and schools are vulnerable to ransomware and other attacks.  The sophistication of these attacks is growing.   The NDTO is here to help your parish to prepare, and to respond in the event of an incident.

Ransomware is like the flu:  the best alternative is not to get it in the first place.  A few simple preventative measures greatly reduce the threat of ransomware and other cyberattacks:

  • Upgrade your operating system and software. Windows users should be moving rapidly to Windows 10.  Turn on automatic upgrades for your computer.  Server infrastructure needs to be upgraded as well, to Windows Server 2016.
  • Implement a robust, reliable backup strategy. If you have a good backup of your computer, you do not have to pay the ransom – you rebuild your computer instead.
  • Be aware of phishing attacks. Our staff, students, faculty, and families receive phishing emails every day – many are sent to me for review.   Delete these emails and do not click on links in them.

Our schools also need to develop an efficient way to rebuild computers quickly.  In an attack, dozens of computers may be infected – they will all have to be remediated to recover.  This includes our Windows servers.

Implementing a good backup and recovery strategy is not simple.  There are many factors to consider, and processes to establish to test the recovery process regularly.  With so many of our systems and storage in the cloud, our backup strategy also needs to include our cloud assets. They are just as vulnerable to attack as our personal computers.

Institutions such as Microsoft, IT security firms, and Federal agencies are working diligently to respond to these threats quickly when they emerge.  We need to do our part by keeping up with their upgrade cycles.  It is no longer safe to run out-of-support operating systems and other products – we need to look at the cost of upgrading hardware and software as a cost of maintaining the security of our campuses.  It is not inconceivable that Catholic institutions will be specifically targeted by some attackers.