Baltimore County Public Schools fell victim to a ransomware attack last week, affecting more than 115K students. The school district, which has been relying on virtual classes to teach students during COVID-19, has cancelled classes since last Wednesday after cybercriminals shut down its IT systems.
The full thread begins here: https://twitter.com/camerongray1515/status/1332314853118238720/photo/1
This is a case of ransomware that disrupted anything that was connected to Windows-based devices. We don’t yet know how much they’re being forced to pay for ransomware, but this is really aggravating when attackers go after schools and after the kids. Schools don’t have a lot of money and resources to put towards security, which is the reason they get targeted – they’re low-hanging fruit. For other schools and school districts, this is another good example of why it’s important to try and muster up the resources for some security and IT support to help stave off attacks like these.
Over the years I’ve often been asked about consumers having a marketplace to sell or minimally manage their personal data with a core question of how much consumers might charge. Now we have it – £5 to £10 quid per month in reward points for an app to monitor all internet usage while also having an excess in app permissions allowing the app to listen to background conversations. For some this might be appealing, but it should clearly demonstrate to everyone that personal data is valuable to app authors. After all, the £5-£10 quid per month has to be coming from somewhere, and all the user has done is provide internet access data.
The ransomware attack against Baltimore County Public Schools validates the concerns held by many about threat actors interfering with remote learning. This doesn’t come as a surprise, but should act as a warning for school districts that incidents like this one are a real threat. Given that at-home orders and COVID-19 restrictions aren’t loosening anytime soon, cyberattacks affecting school districts during e-learning is inevitable. Ransomware criminals capitalize on the unknown and take advantage of the fact that schools sometimes have no choice but to pay a ransom to reduce data loss and downtime.
It isn’t too late for school districts and IT pros to take proactive action to minimize disruptions for however long remote learning will last. Developing a plan for these types of ransomware attacks is crucial to mitigating the damage; IT teams should have a crisis plan in place, and may want to consider integrating their cybersecurity and data protection protocols to simplify the process of detecting attacks and recovering impacted systems and data. It’s also crucial that students and teachers get cyber-ready, and learn the warning signs of cyberattacks, like phishing. They should have access to a remote backup system, which ensures their data remains protected and recoverable, and also frees up IT resources to dedicate to security.