Sign up for TPR Today, Texas Public Radio's newsletter that brings our top stories to your inbox each morning.
The ransomware cyberattacks, like the one that closed Uvalde Schools until Friday, are growing more common—but are preventable, according to an expert at Port San Antonio.
Cyber attackers are skilled at hacking into internal computer databases of a school, business, or other institution to steal valuable information, such as names and social security numbers.
The attackers then encrypt the stolen data, locking out access to those originally targeted from accessing their own information.
But for a price or ransom, they will sell a password to the victim that restores their access to what they need to resume operations.
Alexander Hernandez, the manager of cybersecurity and technology at Port San Antonio, said we have all likely had some personal information stolen in ransomware attacks. Common stolen items include phone numbers.
"All that data is very helpful for them because they can just sell ... that data to the black market and then just get money," he said. "And that's how you have multiple spam texts, multiple spam calls. I mean we all have it."
He said if there is not a good backup system for all the stolen data in a ransomware attack, it can take time to rebuild a database.
That lack of access to their own data can bring a business, or in this case, an entire school system, to a halt.
Hernandez said all institutions should backup important data on an outside system or in the cloud that is not connected to a live operating system.
He said such a backup allows an internet technology team to restore information for a victim up until the moment of the attack.
Hernandez said all it takes is for an employee at a school or business to click on an unfamiliar link to open a path for an attacker to work deeper into an institution's operations and internal communications and closer to the information they need to access a sensitive data base of information.
He said on top of a password and username everyone should be using a multifactor form of login such as an additional texted code, or fingerprint and facial recognition.
And businesses and schools should make sure firewalls and security software are active and update to date.
Schools use computer systems for a number of tasks, including class attendance, entering grades, internal email communications with staff, and external email communications with parents and guardians.
