Safety procedures in place by the district mitigated losses
Another school has been attacked with ransomware. Lost Altos Union HS discovered the hit when an employee tried logging into email at 5:30am the morning of January 29th. From there, the full scope of the breach was discovered.
Los Altos had some good safety procedures in place. Their staff and students were working from Google docs, a cloud service that protects files by keeping them in Google’s cloud. Additionally, the system used for grading and recording attendance is cloud based.
Ransomware insurance
Lost Altos also mentioned in their statement that they have ransomware insurance. PC Matic CEO, Rob Cheng, advises against this type of insurance, stating that it’s hurting the war on ransomware by driving up ransom prices. In this case, however, Los Altos seems to be considering using it to restore systems. The school hasn’t yet made the decision whether they’ll pay the ransom.
Seeing as how Los Altos mitigated its loss, restoring systems seem to be the better of the two options. Doing so will add to the herd resistance against ransomware. The school is still assessing the amount of data collected to make an informed decision.
Protections in place
Ironically, Los Altos had plans in place to change over their protection and phone systems when they were struck. With less than 10% of their machines encrypted, the school is looking at how to lessen the risks of another attack in the future. They mention the need for better password health, which is a recommendation PC Matic has made over and over again.
After reviewing Los Altos’ statement, it looks like they still aren’t utilizing application whitelist technology. Let’s hope that decision doesn’t lead to a second round of ransomware headaches for them in the future.