Officials from the city of Hartford, Connecticut, were forced to postpone the first day of the new school calendar year after a ransomware infection impacted the city’s IT network. According to a statement published by Hartford Public Schools, the school district serving the city of Hartford, the ransomware attack impacted several of the school’s internal IT systems, causing a prolonged outage.

As the \”ransomware business\” proves to be lucrative (from the attacker\’s standpoint), it continues to evolve both technologically and operationally. The average ransom demand climbed over 1100% in the last two years – from $10k to over $110k. While traditional and next-gen security controls will somewhat help against common attacks, they are practically ineffective against a constantly evolving threat. When it comes to ransomware – an actively, rapidly evolving threat – organizations, including schools, must adopt a new, more proactive way of thinking. Defense-in-depth must be implemented, where each layer truly adds a different approach to the organization\’s security posture.
Educational institutions around the world are making the shift to virtual learning. Unfortunately, this now makes our schools and universities top targets for ransomware attacks, as witnessed by multiple incidents — most recently occurring to Hartford Public Schools.
A more proactive and threat-informed approach to security strategy for education is important to ensure they are not the next victims. Understanding common adversary tactics, techniques, and procedures as outlined by the MITRE ATT&CK framework allows organizations to build more resilient security programs. Additionally, organizations should use automated solutions that continuously evaluate the state of their defenses to support continuous improvement.