FinalSite, a Software as a Service (SaaS) company that tailors to creating online sites for schools to manage various aspects of the school’s website and notification services are not available due to a ransomware attack. According to FinalSite, on January 4th, they identified ransomware on various parts of their system which forced the shutdown of the service. FinalSite claims to provide service to over 8,000 schools across 15 countries, all of which are affected by the outage. For the first few days, schools were left in the dark as to why their websites were unavailable and notified parents that there was an outage. FinalSite finally announced that ransomware was the cause of the issue, but this was already after schools were unable to use their emergency notification system to shut down school for severe weather or COVID outbreaks. FinalSite did not identify which ransomware operators were behind the attack.
Analyst Notes
School have often become a target for ransomware operators because many districts lack security experts that are needed to properly protect systems. However, in this case, the fault does not lie in the hands of the schools, but rather the SaaS, FinalSite. No matter the organization or industry, whenever a third-party company is used for products, services, or software, they should always be evaluated on their security measures and incident response plans to ensure they have proper protections in place, as well as a plan in case an issue were to occur. If a company refuses to let someone evaluate their security measures, it is likely that know they have lacked in that department and do not want it to be known.
https://www.bleepingcomputer.com/news/security/finalsite-ransomware-attack-shuts-down-thousands-of-school-websites/
