Following the news that A Los Angeles school has made a US $28,000 ransomware payment after hackers raided its network. Attackers had encrypted enough to ruin computer services, email, and messaging at the Los Angeles Community College District. Jonathan Sander, VP of Product Strategy at Lieberman Software commented below.

Jonathan Sander, VP of Product Strategy at Lieberman Software:

Jonathan Sander“The key phrase in the LA schools ransomware story is that they had no other choice but to pay since they lacked a backup. Ransomware is not an act of God. In most cases it can be prevented by being careful with email and phishing attacks or remediated by having good backups. You have to pay ransomware attackers when you have no way to get back the data they lock up. If you had a backup of that data that was not hit by the ransomware, then you restore that and go on with life. Of course, to maintain good backups an organization needs good IT staff and equipment. Neither is free. Schools, especially big city schools, don’t tend to have the money for that. And when they get stuck with big ransomware payouts, then they have even less money for their mission.”

Information Security Buzz