November 30, 2020
Baltimore, Huntsville Schools Closed Following Ransomware Attacks
Baltimore County Public Schools was the victim of a malware attack just ahead of the Thanksgiving holiday weekend, forcing schools to be closed from the day of the attack on Wednesday, November 25th, through Tuesday, December 1st. The attack has impacted more than 115,000 students in 175 schools.
Schools in Huntsville, Alabama are also unable to operate - including virtually - for at least a week following an attack on the district’s network. It’s currently not known what data was compromised if any, or when a resolution will be reached.
This is not the first time large school districts have been impacted - Clark County School District, Nevada’s largest public school system, was hit earlier this year, along with a successful attack on Fairfax County schools in Virginia in September.
It’s possible the hackers that targeted Baltimore County Public Schools had been lurking in the school’s systems for weeks, waiting to encrypt their data when the district was most vulnerable - just ahead of a long holiday weekend. According to Atlantic Data Forensics, a Baltimore-area IT firm specializing in ransomware defense, the shift to remote learning as a result of the COVID-19 pandemic may have made the district an easy target.
With so many organizations having shifted to remote work as a result of COVID-19, cybersecurity efforts have never been more imperative to keep data secure. According to our annual State of the Channel Ransomware Report, education is among the top five industries most susceptible to ransomware due to COVID-19.
As managed service providers (MSPs), you play a crucial role in helping your clients with these efforts. Be sure your clients are aware of the risks, how they evolve with current events, and how to prevent a successful attack. Here’s a quick overview of a comprehensive ransomware protection strategy:
- Client education: Be sure your client base is up to date with information on the latest risks and tactics used by hackers
- Antivirus: A necessary piece of the puzzle, but certainly not the be-all and end-all for ransomware protection.
- Business continuity and disaster recovery (BCDR): More than just data backup, BCDR tools offer point-in-time rollback or restore, giving MSPs the ability to “turn back the clock” to a time before the ransomware attack occurred. In other words, you can restore systems to the state they were in immediately before the attack, ensuring minimal data loss.
To learn more about how to best protect your clients from ransomware, take a look at our eBook: Comprehensive Ransomware Protection: Detection, Response, and Recovery.