A growing trend of ransomware attacks can be noticed on small-scale public entities this year. Cryptovirological operators are now targeting hospitals, medical centers, and schools where cybersecurity is not professionally maintained. In the latest such incident, a high school in New Zealand has experienced a ransomware infiltration. The cryptovirological attack has resulted in locking down the data comprising of students’ coursework.

Luckily the entire data storage of school was not engulfed by ransomware encryption because the administration was in the process of updating the cloud. The school has immediately disconnected its network after the attack and commenced ransomware removal measures. It is worth mentioning that the ransomware operators have asked for $500 in extortion money for ransomware removal.

Since ransomware failed to run a complete encryption, the staff and students’ record remained unaffected. However, fine arts and science students, who were storing their work locally, lost the data to encryption. The school hasn’t run an audit so far to estimate the extent and nature of data loss in the attack.

Security Enhancements are on the Cards

N4L is an internet company providing internet services to nearly 2,500 educational institutes including the affected school. The company was already planning to implement several cybersecurity improvements by October 2019. They have taken Fortinet, an American digital security company on board, to implement the security upgrades. Fortinet is responsible for providing content filtering protocols and robust firewall for the upgrade.

Initial investigations suggest that the ransomware strain might have penetrated into the school network through a phishing link. Phishing emails are the most common delivery method for ransomware payloads. A single click on a malicious link is proven enough to unleash the destruction of ransomware. The ministry of education has also announced to help the school in investigating the attack and extent of its damage.