iVenture : 20 Years of Business Friendly IT

A $40 Million Eye-Opener: Ransomware Attack on Broward County Schools

Broward County School District was hit with a $40 million ransomware attack. This is an eye-opener for all schools on how to prevent the same situation.

ransomware attack on broward county schools

It’s no April Fools’ Joke. The Broward County Public School system was hit with a ransomware attack. The amount demanded? A staggering $40 million.

The group behind the attack, Conti, threatens to destroy files, release personal information and lock the entire system if demands aren’t met. In tech speak, they performed an attack called data exfiltration.

Beside breaking FERPA regulations for thousands of students, permanent damage to Broward County’s reputation is on the line. Not to mention hundreds of thousands of dollars in cybersecurity remediation.

Why Do Hackers Attack School Districts?

As this story unfolds, let’s look at why schools are such a popular target for hackers. After all, 57% of ransomware incidents reported in August/September 2020 involved schools.

We spoke to Ryan Williams, principal consultant:

“Schools are the perfect trifecta for hackers. They’re vulnerable, they’re backed by big government (able to pay $) and they’re newsworthy.

 

Many schools just don’t invest in the proper safeguards. Hackers know this. They also know that threatening student information is a real motivator for schools to pay up.

 

This is why we also see local governments attacked. Hackers know that big government can pay out large sums of money to make the problem go away. It’s all-too-common.”

How to Prevent School Ransomware Attacks

While Broward County learns a tough lesson, what can other school districts do to prevent the same situation? Take back power from threat groups.

End vulnerability by getting educated and investing in proper cybersecurity. Here are a few examples:

Standardize Security Measures

-Setup two-factor authentication on all accounts

-Regular password expirations

-Consistent patching

-Up-to-date antivirus software

-Establish firewall policies

Train School Staff

-Link checking

-HTTP vs HTTPS

-Penetration testing

-Triangulating sources

-Public WiFi & auto-connecting

Invest in Better File Back Ups

-Hardware, software, cloud

Public vs. private cloud

-Understanding redundancy

Vet IT Companies Thoroughly

Perhaps most importantly, choose IT companies carefully. They’re the first line of defense against hackers. Questions like these are critical to ask:

-What’s your current password complexity/expiration policy

-What’s your user termination policy? (It should be documented on paper)

-What compliance certs do you hold (HIPAA, SOC, PCI DSS, SSAE)?

-How often are data backups performed and how often does a test restore occur? (Important with the rise of malware)

-How are issues/resolutions documented? (Knowledge should be shared between team members; no kingdom keeper)

-What security updates get installed, when and what type of pre-installation vetting?

Broward County School District may be the latest target, but it won’t be the last. School attacks are escalating as education goes more online. E-learning is another vulnerability to beware of.

The comforting news is schools don’t have to be sitting ducks. With the right cybersecurity and education, hackers have no chance. Take your power back. We can help.


Let’s Talk

iVenture’s award-winning team delivers managed services, cloud and cybersecurity to Florida’s best businesses. With statewide coverage, our offices in Jacksonville, Orlando and Tampa make us your local IT partner. Whether you need end-to-end IT or a boost to your internal IT team, we’re ready. At iVenture, we give you more time to do what matters most.

Back to Blog

Recommended For You


Latest Article

ransomware attack on broward county schools

A $40 Million Eye-Opener: Ransomware Attack on Broward County Schools

Broward County School District was hit with a $40 million ransomware attack. This is an eye-opener for all schools on how to prevent the same situation.

Expert Takes: Cybersecurity Tips for Your Business

Although October is the nationally designated month for…

When is the right time to get cybersecurity?

When Is the Right Time to Get Cybersecurity

When’s the right time for you to get cybersecurity? Yesterday. Ideally

Have You Heard of These Weird Cybersecurity Risks?

As internet users, we’re all aware that sometimes the web isn’t so…