A Michigan school district is reporting a ransomware attack, the latest in a surge of cyberattacks against governments, agencies, and schools. As reported by local news WNEM, the superintendent of Saginaw Township Community Schools, Bruce Martin, noticed a sign of compromise on Feb. 20. As quoted by WNEM, Bruce Martin stated the following about the incident:
We were starting to get some emails from teachers saying they were having trouble getting into our network... We have a tremendous amount of support from Saginaw Intermediate School District and their tech team, and we were actually able to get everything back online on Monday.
The Michigan State police force and the FBI soon came together in a joint investigation into the incident. Per a report by local ABC News affiliate WJRT, investigators are in communication with the unnamed cybercriminals who are responsible. It is unknown what they want, but most instances tend to be financial motivation, with leaking and destruction of files being a secondary goal.
It is unknown how the school district came under a ransomware attack, but the most likely explanation is opening a malicious email. Ransomware gangs send out phishing emails en masse with the hope of hooking an individual who is unaware. From there, as ransomware is incredibly powerful, it is only a matter of time before an entire network is compromised.
When interviewed by Michigan’s WNEM, Carl Heiden, president and CEO of Heiden Technology Solutions, gave advice that InfoSec professionals hammer home often:
About 90 percent of all ransomware attacks, malware, spyware, all those attacks are initiated by a user essentially clicking on a link whether it be in an email or on a website... It’s that user education user prevention... Essentially if it sounds too good to be true, chances are it is.
Ransomware is here to stay, but it doesn’t have to be as much of a threat as it is currently. Just be smart out there.
Featured image: Shutterstock