On Friday, November 22nd, Livingston New Jersey school district’s infrastructure was brought down after a ransomware infection occurred. On Monday, schools were delayed in order to update faculty on the situation. While the district reports that most of their systems are back up and running, their normal phone system and Genesis Parent Access Portal are still down. The school is now assuring parents that no data has been stolen, only rendered unusable.
Analyst Notes
As ransomware attacks are unpredictable, practicing safe data management, like the 3-2-1 backup rule will ensure that data is safe in the event of an infection. The rule is: keep at least three (3) copies of data, and store two (2) backup copies on different storage media, with one (1) of them located offsite. Protecting computers with Endpoint Detection and Response (EDR) monitoring by skilled analysts is an important part of a defense-in-depth strategy to stop attacks in the early stages before extensive damage is done across many computers. Binary Defense cannot recommend paying the ransom, as there is no guarantee that attackers will supply the decryption keys needed to recover data, and payment may encourage attackers to strike again and demand even higher ransom amounts, once they know that a victim is willing to pay.
For more information: https://www.nbcnewyork.com/news/local/NJ-School-District-Hit-By-Ransomware-Attack-Officials-565407192.html
