Just two weeks ago, a recent article from the BBC reported on a series of school hackings by a group known as Vice Society. Highly sensitive data was stolen and posted online from numerous schools across the UK.
The reason the hackers were able to gain access to their networks, is likely to be down to these common problems;
- Staff were not applying updates
- The schools were not managing service accounts correctly – they were using a single service account with a weak password
- Internal updates were not kept up to date
- Internal firewalls and security were insufficient
- Horizon Suite was mis-deployed without the right external security in place.
How do we know this might be the case? Because our team were asked to help one of the schools listed in the article to achieve a full recovery of their data.
Blue Sky Systems urges any organisation to follow these IT security steps in order to significantly reduce the chance of becoming the next victim;
- Maintain Updates across all systems (as well as Windows applications - particularly externally accessible systems).
- Review and maintain firewall rules and external services.
- Segregate between User and SysAdmin accounts (do not use a sysadmin login for normal desktop/email use).
- Maintain service accounts for each service (separate them, assign appropriate permissions and use strong passwords).
- Ensure backups are segregated (off-domain, remote as well as location, and immutable if possible).
Please do get in touch for help on any of the above – we would much rather be talking to you about how to put steps in place to prevent an attack, than working with you to recover from one.