Ch: General trade school (Allgemeine Gewerbeschule) hit by Ryuk ransomware

The following is a translation of a press release from the Canton of Basel-Stadt Education Department that appears at

All of the school’s servers are currently unavailable, so no data can be accessed. To ensure that school starts on Monday, a temporary WLAN network was activated, the data center isolated and the host systems shut down completely. The Department of Education filed a complaint against unknown persons and the incident was reported to the National Center for Cybersecurity.

The attack was carried out with what is known as ransomware, also known as an extortion trojan. Initial studies show that this is the RYUK software. This approach suggests professional circles that RYUK attacks are currently primarily affecting hospitals and educational institutions. The servers were probably infected by accidentally opening an email attachment.

The IT departments of the canton and the department are currently working at full speed to rescue data and reduce the impact of the attack. How much of the data can be restored is currently the subject of clarification.

Since the e-mail systems are affected, the learners and teachers were informed by post. At the start of school, an external website will be set up on which learners can contact the school with their questions.

The school administration’s servers are not affected by the hacking attack.

h/t, @Chum1ng0

About the author: Dissent

Comments are closed.