Don’t pay the ransom! NJ schools targeted by cyber-crooks
After the pandemic began, New Jersey schools that had never offered remote learning were forced to quickly adapt to an all-virtual system of instruction. This left many school computer systems with security vulnerabilities, much to the delight of cyber-criminals.
Jared Maples, the director of the New Jersey Office of Homeland Security and Preparedness, said the result has been a significant increase in ransomware attacks launched against K-12 schools.
“Schools have always been on the list of threat actors as a target but we’ve seen enough of an uptick that we wanted to highlight it as a specific issue,” he said.
He said ransomware attacks start with bad actors trying to find a way into the computer system they’re targeting, usually by tricking people into clicking on a link in an email.
Once they’re able to find a way in, Maples said, “they kidnap your system, they block you out from your own system, they steal that data and they hold it hostage until you pay them a ransom.”
He said the most common type of ransomware against schools is PYSA, which stands for Protect Your System Amigo.
“But that’s one of hundreds,” he said. “There’s over 200 strains of ransomware that malicious coders use to basically get access of your system, whether it be a brute force attack or a spear phishing or a phishing attack.”
He said some ransomware attacks are launched by foreign intelligence, others by criminal cartels.
“There’s a lot of money in this and there’s a lot of bad actors that want to steal your data, steal your information,” he said. “It really comes down to a criminal act no different than a robbery or a theft is what it really is in the end.”
Maples said the New Jersey Cybersecurity and Communications Integration Cell, which is the division of cybersecurity within NJOHSP, recommends not paying the ransom.
“We host the known de-encryption keys to over half of the known variants for free,” he said. “So if you’re a member of our NJCCIC you can go on and there is a chance we can just de-encrypt it right there.”
He said it’s important for schools and other entities to understand there are many resources available at njohsp.gov to fight back against ransomware attacks.