Another Cyberattack on Michigan Schools – Districts Need to Be on High Alert

The Jackson County Intermediate School District was hit with a ransomware attack this past week resulting in canceled classes and major disruption. The cyberattack locked district accounts in schools in both Jackson and Hillsdale Counties.

The impact of this cyber incident has far-reaching implications including:

• Missed school days – Students lost valuable instruction since virtual classes were not an option. Email and other critical systems that educators, students and families use to communicate were halted.
• Ransomware – Payment demands could be in the millions—at the taxpayer’s expense.
• Major inconvenience/uncertainty for educators and the school community – Teachers didn’t have access to valuable student data. Parents had to take time off work and stay home with their children.
• Negative press – A cyber incident brings negative, unwanted attention to the district.
• Lost confidence – The school community (educators and families alike) need to be confident that their personal information is not in the wrong hands.

A similar incident happened in the South Redford School District in September. The district was a victim of a malicious cyberattack that closed schools and impacted more than 3,000 students and their families. Earlier this year, Federal agencies had warned that attacks on schools would escalate.

School districts, both public and private, should be on high alert. These cyberattacks serve as a grim reminder that schools must be proactive (instead of reactive) about their cyber hygiene and diligent about improving their cybersecurity posture to help mitigate future attacks.

The following are cybersecurity recommendations from the SensCy team:

1. There’s no magic answer. Cybersecurity is a risk that needs to be managed and included in your strategic planning. As with any other risk, cybersecurity should be visible at the top of the organization.

Recommendation: Make cybersecurity risk a standing agenda item at board meetings and executive leadership meetings.

2. 80%+ of successful cyber breaches are the result of social engineering. Your employees are your greatest risk, but they can also be your first line of defense with ongoing education.

Recommendation: Invest in your employees by educating them on how to recognize these attacks.

3. Visibility at the top + Education throughout your organization = An Active Cybersecurity Culture. An active cybersecurity culture is better protected from an incident, better prepared to respond to an incident, and able to recover and stay open should an incident occur.

Recommendation: Ensure you have a Cybersecurity Incident Response Plan. Make sure the leadership team and the IT team understand it, know how to activate it, and have practiced doing so.

4. Security patches cannot be ignored. They are released because a vulnerability has been identified. Every day you wait to install them puts you at greater risk.

Recommendation: Institute a policy that ensures security patches are installed within 24 hours of release. Ensure your team is accountable for doing so.

5. Backing up your data is critical to ensuring you don’t fall victim to Ransomware.

Recommendation: A successful recovery from a Ransomware incident requires that your data is backed up on a separate network or in a cloud service designed for this purpose. Back up your data daily!

To learn more about these recommendations, read You’ve Been Hacked! Now What? by Raj Patel. With more than 25 years of experience helping clients with their cybersecurity, Raj’s insights will get you thinking the right way about your cyberhealth.

Want to find out how vulnerable your organization is to a cyberattack?

Your SensCy Score is a good indication of your organization’s cyber hygiene and preparedness. It is like a credit score for your cyberhealth. We can generate your score in less than 30 minutes—at no cost or obligation to you. Click here to get your free SensCy Score or visit www.senscy.com to learn more.