Ransomware is joining the winter storms and coronavirus fears on the list of problems that have already disrupted schools across the country in the new year.
Finalsite, a school website services platform, was hit by a ransomware attack earlier this week. The platform said via Twitter that its security team identified ransomware on certain systems on Tuesday and it was working to prevent another attack.
Finalsite spokeswoman Morgan Delack said the platform took its own system offline — rather than wait for attackers to wreak more havoc.
<!– Temp removal of in article reco
End comment –>
“We proactively went offline immediately upon learning of what happened in order to protect and secure our data,” said Ms. Delack in an email on Friday. “In doing so, we took approximately 5,000 school websites offline and rebuilt them in a new, safe environment. Because it was a complete reconstruction of data, it has taken some time to get up and going. At this time, the majority of our websites are back online in this new safe environment.”
Finalsite services more than 8,000 schools and universities in more than 115 countries, according to its website. Some of those institutions were still reporting issues as of Friday morning.
For example, Tulsa Public Schools in Oklahoma said via Twitter that its website had functionality issues caused by the Finalsite cyber problems.
Ms. Delack said Finalsite is working with a forensic specialist to investigate the attack, and she said Finalsite does not have evidence that data was compromised. She cited the ongoing investigation as the reason she would not answer questions about the cyberattack itself, and said the investigation could take two weeks to complete.
Educational institutions have emerged as a popular target for ransomware attackers since the coronavirus pandemic pushed more students into remote learning. Ransomware attacks against K-12 schools increased at the start of the 2020 school year, according to the Multi-State Information Sharing and Analysis Center (MS-ISAC) and published on the Cybersecurity and Infrastructure Security Agency’s website.
Higher educational institutions are also struggling to overcome cyberattackers. For example, last month, George Washington University suffered cyber breaches affecting the law school and the university’s online time reporting system.