Baltimore County Public Schools (BCPS) announced that all of its schools were to be closed on Monday, 30th November and Tuesday, 1st December after a ransomware attack rendered its IT systems insecure.
Students and staff alike were advised not to use any equipment provided by the County, nor to log into any of its online portals or services from any device.
So, why was BCPS attacked and what could it have done to prevent the intrusion?
See our guide to the Best Antivirus Software to choose
What is Ransomware and Why Target Schools in Baltimore?
Ransomware is a growing, but far from new, method of cybercrime. On a small scale, ransomware attackers target files or drives on a computer and lock them from use by the computer's rightful owner. The attackers then demand payment in order to unlock the files.
(1/3) Due to the recent ransomware attack, Baltimore County Public Schools will be closed for students on Monday, November 30, and Tuesday, December 1. BCPS offices will be open and staff will receive additional information about Monday and Tuesday.
— Baltimore County Public Schools (@BaltCoPS) November 28, 2020
However, as with any ransom, there's no guarantee that you'll get the thing you want back, even after paying.
How does Ransomware work?
For cybercriminals, the potential returns for holding one person's files or data ransom are chump change. The real money exists with ransomware at scale — this is why thousands of Maryland children couldn't go to school at the start of December.
Businesses typically have much more money than individual users, meaning that criminals can charge far greater ransoms. Now, while US public schools aren't necessarily awash with cash, they often have ageing IT infrastructure making them easier to attack than, say, an investment bank. What's more, the potential to inconvenience hundreds of thousands of people will make the attack seem far more significant.
What's more, with the COVID-19 pandemic, workers and students are spending more time at home working and learning virtually. This means that hackers have more potential entry points to an organizations' system through unsecured home wifi networks, public wifi networks, phishing attacks, and more. Plus, it means that the potential to inconvenience lots of people becomes far more significant.
In fact, according to Sophos, ransomware attacks are remarkably common in 2020 with more than half of companies and public sector organizations being targeted. Typical ransoms in the US for encrypted data come to more than $600,000.
What Has BCPS Done About the Ransomware Attack?
Apart from shutting schools for two days, BCPS is staying coy about its response to the attack — as it should.
It has, however, declared that students using the Chromebooks it has issued are fine to start working on the systems again. This, of course, is one of the biggest advantages of using a Chromebook — they're not affected by malware, ransomware, or any other type of ware.
Unfortunately, for those with Windows PCs (which includes most of the staff), a solution has yet to be found.
Considering a Chromebook yourself? See our guide to Chromebooks vs Laptops
How Can Ransomware Attacks be Prevented?
For large organizations and individuals, there are a number of easy steps to take in order to avoid becoming the victim of a ransomware attack.
The first is by making sure you have strong antivirus protection. Windows Defender, which comes baked into every Windows 10 PC, is decent, but should certainly be augmented with some extra safeguards. McAfee's Total Protection is our favorite small business antivirus package, so it's worth taking a look at this. It'll help protect you from ransomware and phishing attacks — two of the main threats to businesses.
Similarly, a password manager will help anyone protect themselves online. You set up a master password for the password manager account and then you can assign each of your social media platforms, online banking, email providers, shopping accounts unique, complex passwords which will be impossible to guess and stop hackers jumping from one account to another with passwords you have in common.
Finally, it might be worth investing in a Chromebook or a Mac. Chromebooks are pretty much immune from viruses (though they can still be vulnerable to phishing scams) and MacOS devices are typically less susceptible to security threats than Windows devices.
Picking a ChromeOS or MacOS device isn't an excuse to do nothing more, however. The internet is chock-full of people more than willing to find a way to part with your data, your money – or both.