October was the first month we got some visibility on how the bad guys are now targeting school districts and students across the USA in a wave of new ransomware attacks. This attack is still going on.
A report released by Armor, a global security solutions provider, noted a substantial rise in ransomware attacks against schools (and school districts) since October 2019. “The report identified 11 new U.S. school districts (comprised of 226 schools) that have been hit by ransomware since late October. “
Why Ransomware Thieves Target Schools, School Districts, and Municipalities
Ransomware criminals know that school districts and municipalities are often ill-prepared to defend against cyber threats due to their limited budget, IT money that is allocated in the budget is likely to be spent procuring new hardware and software rather than on cybersecurity or security awareness training. With little cybersecurity budget, the bad guys are aware this is a soft and target-rich sector, with sensitive data that needs to be protected and kids that need to attend school.
“According to Chris Hinkley, Armor’s Head of the Threat Resistance Unit (TRU) research team, schools, and municipalities continue to be very desirable targets for ransomware threat actors because these types of organizations host a lot of important, sensitive data, which is required for communities to function properly. The cybercriminals also know that often these entities don’t have sufficient cybersecurity protections in place. “The attackers know that the services these organizations provide are critical to their communities, and they also know that schools and municipalities are typically more vulnerable to security attacks because of their limited budgets and lack of IT staff,” said Hinkley. “This combination can give the threat actors a tremendous advantage over their victims because they know these entities cannot afford to shut down and are often more likely to pay the ransom.”
The report identified “269 publicly announced ransomware victim organizations in the U.S. since January 1, 2019 as well as the status of some of those events. Municipalities continue to lead the victim list at 82, followed closely by school districts and educational institutions at 72, followed by 44 healthcare organizations and 18 Managed Service Providers (MSPs) and Cloud-Based Service Providers.”
In comparison, Armour cites K-12 Cybersecurity Resource Center stats for 2018 that reported K-12 schools experienced 119 cyber incidents in 2018 and attributed a total of 9.76 % (approximately 11 schools) that have been hit by ransomware.
11 U.S. School Districts Identified as a Victim of Ransomware Since October 20
- Wood County Schools, Parkersburg, West VA
- Port Neches-Groves Independent School District, Port Neches, TX
- Penn-Harris-Madison School Corporation, Mishawaka, IN
- Livingston New Jersey School District, Livingston, NJ.
- Chicopee Public Schools, Chicopee, MA
- Claremont Unified School District, Claremont, CA
- Sycamore School District 427, DeKalb, IL
- Maine School Administrative District #6, Buxton, ME
- Lincoln County, Brookhaven, MS
- San Bernardino City Unified School District, San Bernardino, CA
- Las Cruces Public Schools, Las Cruces, NM
This 26-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with ransomware. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:
