Students returned to Flagstaff (Arizona) Unified School District (FUSD) schools on September 9 following a ransomware attack that forced 15 schools serving more than 9,600 students to close on September 5 and 6.The ransomware attack, which infected multiple district servers, was first discovered on September 4. District officials reportedly worked over the weekend to try to secure its Internet-facing systems and assess damage from the cyber extortion. The infection involved some 2,000 devices, reports said. Security personnel from a local Community College and other organizations are helping the school district’s internal security team, according to the Arizona Daily Sun. The district didn’t say if managed service security partners had also been called in to help with the recovery process.At this point, the hackers have not been identified, nor are they likely to be, based on previous ransomware attacks on schools. District Technology director Mary Knight confirmed that the hackers had left a ransom note that did not demand a specific dollar amount to unlock the district’s systems. Instead the kidnappers left a note inviting the school district to negotiate with them. Knight told the Arizona Daily Sun that the district would not haggle with the crooks.Louisiana: Gov. John Bel Edwards declared a statewide emergency last month in response to ransomware attacks on three school districts, and authorized state resources and cyber assistance to help the districts. New York: In late August, Rockville Centre school district in Long Island, New York paid hackers nearly $100,000 to recover data from a Ryuk ransomware attack. The same malware was used in another attack on a neighboring school district in Mineola, New York. That district, however, declined to pay the ransom and chose to restore its data from backups. In late July, an attack took down the Syracuse, NY school district’s computer system. Oklahoma: Broken Arrow Public Schools were victimized when an attacker encrypted their network and demanded payment to unlock it. Virginia: Both the school district and the county government in Spotsylvania County were the victimized by email scams in which they paid $600,000 to a scammer, believing they were paying for a new football field. While the war so far is one-sided in the cyber kidnappers’ favor, state governments have begun to fight back:New York: The state’s Education Department on July 29 requested that its regional information centers and Big 5 school systems — Buffalo, Rochester, Syracuse, Yonkers and New York City — take its warehouse offline to scan for malware and vulnerabilities. North Dakota: Enacted new law last April that enables the state’s Information Technology Department to oversee a cybersecurity strategy for all executive branch state agencies, as well as counties, cities and school districts. Texas: In June, Gov. Greg Abbott signed a bill requiring school districts to adopt cybersecurity policies. The legislation mandates that the superintendent of each school district appoint a cybersecurity coordinator to serve as a liaison with the Texas Department of Information Resources. An MSP paying hackers $150,000 to unlock data; hackers specifically targeting MSP software platforms to launch ransomware attacks; and Ryuk ransomware hitting a CSP that works closely with MSPs. Hackers worldwide have been hitting MSPs of all sizes — not just global technology service providers. The FBI and U.S. Department of Homeland Security have repeatedly warned MSPs and their technology platform providers about such attacks.Amid those challenges, the MSP industry (spanning technology companies, service providers and more) could soon face a “crisis of credibility” if the market doesn’t take major steps to more effectively mitigate ransomware threats, cyberattacks and associated fallout, ChannelE2E and MSSP Alert believe.In response, MSP software providers and their channel partners are increasingly activating two-factor authentication as a means to stop hackers from entering systems.Additional insights from Joe Panettieri.