Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Education Security IT

Over 500 US Schools Were Hit By Ransomware in 2019 (zdnet.com) 27

In the first nine months of the year, ransomware infections have hit over 500 US schools, according to a report published last week by cyber-security firm Armor. From a report: In total, the company said it found and tracked ransomware infections at 54 educational organizations like school districts and colleges, accounting for disruptions at over 500 schools. To make matters worse, the attacks seem to have picked up in the last two weeks, with 15 school districts (accounting for over 100 K-12 schools) getting hit at the worst time possible -- in the first weeks of the new school year. Of these 15 ransomware incidents, Armos said that five were caused by the Ryuk ransomware, one of today's most active ransomware strains/gangs. Overall, Connecticut saw ransomware infections hit seven school districts throughout 2019, making them the state whose educational institutions were compromised the most by ransomware attacks this year. But while Connecticut saw the most ransomware infections targeting school districts, it was Louisiana who handled the attacks the best when, in July, Governor John Bel Edwards declared a state of emergency in response to a wave of ransomware infections that hit three school districts. The governer's actions rallied multiple state and private incident response teams together and helped impacted school districts recover before the new school year, without paying the hackers' ransom demand.
This discussion has been archived. No new comments can be posted.

Over 500 US Schools Were Hit By Ransomware in 2019

Comments Filter:
  • It would be cool if, once, the ransom was in a low-value alt coin, just to see the look of the people reading it.

    "They want HOW MANY dogecoins??!?!"

  • Seems like a massive fail right there.

  • So, if they want 30 grand. Pay out 30 grand for them to be put in the hospital.
    • by gweihir ( 88907 )

      You do not know who these people are. Also, vigilantism is illegal for good reasons.

      • Also, vigilantism is illegal for good reasons.

        I would think putting a bounty on their head would capture more of these people then the police do. And once captured, they accidentally fall down a flight of stairs prior to being turned over to the police.
      • by sjames ( 1099 )

        Vigilantism is the natural result of civil authorities failing to keep the peace.

  • Loss of ALL your docs is just a larger scale example of what happens if some one Principal's PC dies and takes all budget and planning docs with it IF YOU DON'T HAVE SECURED BACKUPS THAT USERS (AND USER MALWARE) CANNOT REACH
    Ransomware is just a way to exploit really irresponsible backup and archiving procedures. Admins are not victims here.

    • They are victims... without a backup plan [instantrimshot.com].

      • by v1 ( 525388 )

        They are victims... without a backup plan

        So, to quote Blazing Saddles, "you know, morons!"

        And while we're at it, it's also appropriate to quote Terminator 2, "Are we learning yet?"

    • by rho ( 6063 ) on Tuesday October 01, 2019 @12:33PM (#59257570) Journal

      You should look into what passes for IT in public school systems. At best it's a running list of private contractors. At worst it's the superintendent of school's nephew who "knows about computer stuff."

      We have umpty-billions of Linux distros that cater to the smallest segments of a tiny market. Why not a distro that directly meets the needs of public schools? Debian has one, and SUSE has one I think, and that may be a good starting point, but I mean one that addresses the very particular requirements of public schools. Upgrades have to be automatic, the hardware requirements must be low, and provisioning laptops and/or tablets is a requirement. Integration with web hosting (either local or positioned on cloud services), hardened email, calendaring. A testing environment that locks the user into a single session to prevent cheating. Simple tools for generating drills and exercises. Typing tutors. Databases for records. And of course, a full-time automatic backup built into every service.

      Get a dozen nerds and a couple million bucks together and test it out on the public schools of Plentywood, Montana or somewhere.

    • Where did you get the idea that any of these schools lost all of their docs or didn't have secured backups? There is no mention in the article that any of the schools failed to recover from the attack. In fact it says they did recover. Further, there is no mention of any of the schools succumbing and paying the ransom. It only reports that the schools were attacked.
      • If everyone practiced good backup discipline, there would be no ransomware stories about schools or anybody else. In fact, there'd be no ransomware. It only happens because some people are not doing backups

  • Comment removed based on user account deletion
    • Comment removed based on user account deletion
      • And that is why instead of paying the ransom, and using that money for a bounty on their head. Is a much better solution.
    • I agree with you, BUT.... We need to blame all parties involved. Good backups are not just protection against malware and threats. It's the responsible thing to do for anyone managing any system. The IT world does tend to blame the victim but we also need to be better at educating.
    • I love the posts in stories like this where the poster says to track down the perpetrators. It is extremely easy to launch an attack like this while remaining undetectable.

Every nonzero finite dimensional inner product space has an orthonormal basis. It makes sense, when you don't think about it.

Working...