Cloquet School District Again Targeted by a Ransomware Attack

Spamfighter reports:

Cloquet school district has been hit by a ransomware attack second time in the past three years. The ransomware is a virulent computer malware, which attacks by spreading from one computer to another and locking up the access to the network servers. The ransomware also encrypts the documents and then demands ransom for providing a key to unlock encrypted files.

In March 2016, the previous occasion when the ransomware attacked, the district cancelled the school for one day so as to let the technology staff have time for recovering from the malware. During that attack, the district servers as well as over 600 computers got infected badly.

The current attack took place during the summer vacation, and was not as harmful as of last time. As per staff report from T.J. Smith, Cloquet School District Technology Director, the virus has encrypted files available on all the servers except one, this included the network shared drives. However, the attack does not indicate stealing of any information. The virus only encrypted the files, so that the users were not able to open them.

Read more on Spamfighter.

So what is the district doing about preventing a third ransomware incident? Are employees falling for phishing attacks? What happened in the 2016 and 2018 attacks that gave attackers a footing?

h/t, @k12cybermap

About the author: Dissent