iVenture : 20 Years of Business Friendly IT

A $40 Million Eye-Opener: Ransomware Attack on Broward County Schools

Broward County School District was hit with a $40 million ransomware attack. This is an eye-opener for all schools on how to prevent the same situation.

ransomware attack on broward county schools

It’s no April Fools’ Joke. The Broward County Public School system was hit with a ransomware attack. The amount demanded? A staggering $40 million.

The group behind the attack, Conti, threatens to destroy files, release personal information and lock the entire system if demands aren’t met. In tech speak, they performed an attack called data exfiltration.

Beside breaking FERPA regulations for thousands of students, permanent damage to Broward County’s reputation is on the line. Not to mention hundreds of thousands of dollars in cybersecurity remediation.

Why Do Hackers Attack School Districts?

As this story unfolds, let’s look at why schools are such a popular target for hackers. After all, 57% of ransomware incidents reported in August/September 2020 involved schools.

We spoke to Ryan Williams, principal consultant:

“Schools are the perfect trifecta for hackers. They’re vulnerable, they’re backed by big government (able to pay $) and they’re newsworthy.


Many schools just don’t invest in the proper safeguards. Hackers know this. They also know that threatening student information is a real motivator for schools to pay up.


This is why we also see local governments attacked. Hackers know that big government can pay out large sums of money to make the problem go away. It’s all-too-common.”

How to Prevent School Ransomware Attacks

While Broward County learns a tough lesson, what can other school districts do to prevent the same situation? Take back power from threat groups.

End vulnerability by getting educated and investing in proper cybersecurity. Here are a few examples:

Standardize Security Measures

-Setup two-factor authentication on all accounts

-Regular password expirations

-Consistent patching

-Up-to-date antivirus software

-Establish firewall policies

Train School Staff

-Link checking


-Penetration testing

-Triangulating sources

-Public WiFi & auto-connecting

Invest in Better File Back Ups

-Hardware, software, cloud

Public vs. private cloud

-Understanding redundancy

Vet IT Companies Thoroughly

Perhaps most importantly, choose IT companies carefully. They’re the first line of defense against hackers. Questions like these are critical to ask:

-What’s your current password complexity/expiration policy

-What’s your user termination policy? (It should be documented on paper)

-What compliance certs do you hold (HIPAA, SOC, PCI DSS, SSAE)?

-How often are data backups performed and how often does a test restore occur? (Important with the rise of malware)

-How are issues/resolutions documented? (Knowledge should be shared between team members; no kingdom keeper)

-What security updates get installed, when and what type of pre-installation vetting?

Broward County School District may be the latest target, but it won’t be the last. School attacks are escalating as education goes more online. E-learning is another vulnerability to beware of.

The comforting news is schools don’t have to be sitting ducks. With the right cybersecurity and education, hackers have no chance. Take your power back. We can help.

Let’s Talk

iVenture’s award-winning team delivers managed services, cloud and cybersecurity to Florida’s best businesses. With statewide coverage, our offices in Jacksonville, Orlando and Tampa make us your local IT partner. Whether you need end-to-end IT or a boost to your internal IT team, we’re ready. At iVenture, we give you more time to do what matters most.

Back to Blog

Recommended For You

Latest Article

Am I Still At Risk? 20 Recommended Cybersecurity & Risk Management Services

While businesses adjust to this new normal, cybersecurity has taken a backseat. It’s time to get back on track. Here’s 20 recommended cybersecurity and risk management services.

Cybersecurity Threats: How to Combat Them

With the explosion of the internet, our digital lives have become…

15.1 Billion Reasons To Take Cybersecurity Seriously

After a year of the largest data exposure ever, cybersecurity should be top-of-mind for businesses leaders across all segments. Get started today by learning about password security, educating employees, minimizing data exposure risks through technology, and ensuring your vendors are secure.

The Mistake-free way to end remote work

The Mistake-Free Way To Bring “Dirty” Computers Back To Work

A must-read for IT managers. Learn the mistake-free way to bring unsecure, risky computers back to the workplace after remote use. Find out what security steps to take.