The Danger of Unsolicited email

Q.   What should you do if I receive an email which I wasn’t expecting?

A.   Be very careful or you could find that you have just released Ransomware onto your schools network.

What is Ransomware?:-

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the users’ files.

Recently this has come in the form of unsolicited emails which had an attachment. Unfortunately these attachments were opened which led to several TMC schools being infected.and has been traced back to unsolicited emails with attachments that release the damaging files onto the schools network. This then starts to infect any files which are opened by that user / from that computer on the network and then can start to spread across the schools network as other users become involved. This has led to large quantities of schools data becoming inaccessible and having to be restored from backup.

How can I prevent this happening?:-

When you receive an email ask yourself the following 2 simple questions.

1 Do you know who has sent you the email?                                      

If you do not, do not open the attachment and delete the email.

2 Are you expecting an email from the person with an attachment?  

If not do not open the attachment and either check with the user (do not forward the attachment) or delete the email.

What will happen if I do open an email and it infects the school?:-

This will depend on the pay load delivered by the Ransomware. However the recent outbreaks have led to entire drives having to be restored within schools. This can take up to 5 days to clean all traces of the infection. During this period your school will experience large amounts of disruption to learning and teaching. Depending on the payload it may be necessary to disconnect the school from the Education network entirely for the duration of the clean up to protect other schools.

It should also be remembered that if your school has a NAS drive and this becomes infected there will be no way of recovering the data unless your school has an offline backup of the data. This could lead to large amounts of data being lost permanently.

In short: Please be vigilant when reading emails and delete any unsolicited emails without opening. It is easier for a genuine user to resend an email than it is to clean up an infected school.

Currently excel files are blocked to protect schools. However ICT are in consultation with Education with regards to lifting the current restrictions.

 

 

Report a Glow concern
Cookie policy  Privacy policy