We've written a lot about ransomware attacks hitting schools, and now there's reports of another big one.
The Baltimore County Schools, home to 115,000 students, was hit with a ransomware attack, taking the school offline for at least a few days. It's unclear exactly what ransomware strain it was, though some teachers reported seeing a 'ryuk' extension, meaning it could be from the Ryuk gang.
Regardless, ransomware against schools is rising. And though we've seen a number of attacks on large districts, like Fairfax, Virginia (188,000 students);Toledo, Ohio (23,324 students) and Fresno, California (73,428 students), we've also seen it on smaller districts, like Newhall, California (6,537 students); King George County, Virginia (4,477 students), and Somerset, Massachusetts (1,800 students).
It's so common that this is a refrain that cybersecurity reporter Chris Bing heard from a teacher friend:
A friend who works as a teacher In Maryland had classes cancelled today because of ransomware. They described ransomware as "the new snow day" because it is so common :/— Chris Bing (@Bing_Chris) November 25, 2020
In a new report, Emsisoft found that there was a staggering 388% increase between Q2 and Q3 in 2020 in successful ransomware attacks against educational institutions. Nearly a third of these successful attacks involved data exfiltration.
The third quarter increase is keeping with a trend from 2019—it's when schools start up again, making them potentially more vulnerable.
At this point, schools should be expecting a ransomware attack.
Avanan has vast experience protecting EDUs and have a few resources that could help you make informed security decisions:
We wrote a few years back about how we secured Bethel School District in Washington State:
We also wrote about how we protected a university as it was dealing with an onslaught of COVID-19 related attacks:
And finally, on December 10th at 1pm ET we'll have a webinar focused on the specific threats that the education sector is facing. Join Matthew Dixon, Network Administrator, Security, at a Southern Community College, who will share best practices around stopping phishing–the number one threat vector for educational institutions. This webinar will also focus on different attack trends, specifically targeting Higher Education, and Matt will share some of the ways he is solving these problems.