The Monroe-Woodbury Central School District of Central Valley, New York emailed parents on Tuesday, announcing that the school year would start a day late, on Thursday, September 5, thanks to a ransomware attack.
What We Know About the Ransomware Attack
“Today the Monroe-Woodbury Central School District experienced a cyber security threat, which has impacted district operations … As part of the district’s regular security protocols, all data is backed up on-site and off-site on a daily basis. Currently the district’s computer network is shut down as our technical team works in conjunction with cyber security consultants to facilitate restoration of the district servers.”
The Good News About the Attack
The good news is, as outlined in the above quote, the district has standard cyber security protocols in place, particularly regular on-site and off-site data backups. This should help to mitigate the network downtime and financial impact the attack has on the district.
The Bad News About the Attack
The bad news is that, despite the school district having standard cyber security protocols, hackers still found a way to infiltrate and disrupt the network, which is likely the result of one of two scenarios:
- Hackers are using a particularly sophisticated strain of ransomware to bypass cyber security defenses
- Someone connected to the school district’s network clicked an infected attachment, which spread from their device to the entire network
School Districts Under Attack
This is the fourth school district that has fallen victim to ransomware this summer.
In New York, both Rockville Centre and Mineola were attacked by hackers who locked sensitive student and staff data. Rockville Centre ultimately paid an $88,000 ransom to release the data because they didn’t have sufficient backups. Mineola was able to restore backup files and did not pay the ransom.
In Connecticut, Wolcott Public Schools was forced to pay a ransom as well. The amount of the ransom is unknown.
How to Stay Protected
Ransomware is almost always the result of a spoof email or other infected link that injects malicious code onto the device of anyone who opens it. By far, the best way to avoid ransomware attacks is to learn how to recognize these scams.
If you have any additional questions on how to keep your network protected, contact your IT provider today.