At least 72 U.S. school districts and/or educational institutions have suffered ransomware attacks in 2019, according to research from cloud security and compliance solutions company Armor.
In addition, Armor identified 11 ransomware attacks since October 20 that affected the following U.S. school districts:
- Wood County Schools in Parkersburg, West Virginia.
- Port Neches-Groves Independent School District in Port Neches, Texas.
- Penn-Harris-Madison School Corporation in Mishawaka, Indiana.
- Livingston New Jersey School District in Livingston, New Jersey.
- Chicopee Public Schools in Chicopee, Massachusetts.
- Claremont Unified School District in Claremont, California.
- Sycamore School District 427 in DeKalb, Illinois.
- Maine School Administrative District #6 in Buxton, Maine.
- Lincoln County in Brookhaven, Mississippi.
- San Bernardino City Unified School District in San Bernardino, California.
- Las Cruces Public Schools in Las Cruces, New Mexico.
To date, 269 publicly announced ransomware victim organizations have been identified in the United States in 2019, Armor reported. Among these organizations, municipalities (82) ranked first, followed by school districts and/or educational institutions (72), healthcare organizations (44) and MSPs and CSPs (18).
How to Combat Ransomware Attacks
Cybercriminals launch ransomware attacks against organizations across all industries, and Armor offers a variety of tips to help organizations combat these attacks, including:
- Leverage multiple backups of data, applications and application platforms and ensure that these backups are air-gapped from the Internet and password-protected.
- Deploy a whitelisting solution that limits the use of applications and processes that are allowed to run in an IT environment.
- Use file integrity monitoring solutions to track activity across an IT environment.
- Undergo security audits and penetration testing performed by independent, third-party cybersecurity experts to identify security gaps and explore ways to eliminate these gaps.
- Provide cybersecurity training to teach employees about current and emerging cybersecurity risks and phishing emails.
- Use an endpoint protection solution across laptops, workstations and mobile devices.
Furthermore, MSSPs can offer security services to help organizations keep pace with evolving ransomware attacks — or leverage various security solutions to protect customer and employee data against these attacks. They also can help organizations develop effective cybersecurity strategies designed to guard against ransomware attacks both now and in the future.