Here we go again…another school gets hit with ransomware, and this time the Souderton Area School District.
According to superintendent Frank T. Gallagher, soon after the September 1st attack that the computer network was shut down and Internet connections disabled “to prevent further damage.”
School officials say the ransomware attack caused disruptions to the district’s information technology systems, affecting school’s email and other services used by teachers.
Interestingly, per Network Disruption Frequently Asked Questions (FAQs) the school officials say they are working on decrypting ransomware locked files – a task seemingly impossible to accomplish unless you possess the decryption key(s). It begs the questions: Did they not have a viable backup to restore from? Did the district pay the ransom to criminals? We may never find out.
As of this writing, the school continues to experience a network disruption according to announcement on their website.
Takeaways
Backups!! Do and test all the backups!
Invest in Security Awareness Training!
A solid business continuity plan, aware employees and robust backups will get you through relatively unscathed during such calamities.