School districts are becoming increasingly popular targets for ransomware, with at least five of these attacks occurring in July, according to the New York Times.
The Governor of Louisiana declared a state of emergency on July 24th after three of its school districts fell victim to ransomware. Christina Stephens, a spokeswoman for the governor, told the Times that the three attacks shared similar characteristics. She added that the state is working to recover from the attacks before the beginning of the school year in early August.
“We’re operating as we would in any national disaster,” Stephens said. “We’re using the same kind of hierarchy that we use during hurricanes.”
Likewise, the school district of Syracuse, New York, was hit by ransomware on July 8th. The district said that its insurance provider would cover the cost, but the district will pay a $50,000 deductible. It’s not clear if the district decided to pay the ransom or not.
Another attack hit the Houston County School District in southeastern Alabama sometime in July, which forced the district to postpone the first day of school for two weeks. Superintendent David Sewell said that the computers still probably won’t be ready in time, so teachers will most likely be using pen and paper to take roll.
Keith R. Krueger, the CEO of the Consortium for School Networking told the Times that IT staff at primary and secondary schools are now ranking ransomware as their top fear. Dr. Eva Vincze from George Washington University said that schools are an easy target because they often can’t afford sophisticated defenses.
“Most school systems, especially in small communities, do not have the resources to keep up with each generation of threats that bad actors come up with,” Vincze said.
One of the best defenses against ransomware attacks is employee education. New-school security awareness training can complement your technical defenses by enabling your employees to thwart phishing attempts.
The New York Times has the story: https://www.nytimes.com/2019/07/28/us/hacker-school-cybersecurity.html
Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:
https://www.knowbe4.com/phishing-security-test-offer