Hartford is the capital of Connecticut – a state enjoying a surge of home buying as people leave New York City thanks to Covid-19 and a recent crime wave. Connecticut can be divided into a few sections. Fairfield County is closest to Manhattan and as a result, is linked to the Big Apple via train and also financially as many people living in the county commute to New York. After Covid-19, many of them are obviously telecommuting.
North of Fairfield County is the Route 8 corridor called “The Valley” and it is an area of the state that used to do a lot of manufacturing before Chinese competition shuttered the majority of the factories. Going northward you will run into New Haven which is home to Yale University and of course Pepe’s Pizza, one of the best pizza places in the country. If you keep going close to the coast, you get to some casinos named Foxwoods and Mohegan Sun and eventually Rhode Island. If you proceed inland, you eventually get to Hartford – once the insurance capital of the world and a thriving city.
Sadly, this city was just hit with ransomware which will delay it from opening its schools. The attack happened over the weekend.
The state's capital did not become aware of the attack until Saturday, September 5th, after the hackers deployed ransomware and began encrypting the devices on the district's network.
As this attack affected not only classroom computers but also the system responsible for transportation routes, the school district postponed school opening until they can fully recover their systems.
According to Mayor Bronin, no ransom demand was given, and Hartford has no plans on paying the ransom.
"There was no specific ransom demand. There was language, text that was installed and discovered on many systems, that said this is a ransomware attack and asked that we contact a particular email address. Needless to say that we are not contacting that email address. We will let law enforcement deal with that," Bronin stated in a live press conference this morning.
Bronin further stated that they did not believe any data was stolen, but are looking into it further.
"To the best of our knowledge, no data was stolen, although we will continue to do everything we can to say with 100% confidence," Bronin stated.
We at Apex Technology Services have been warning about these threats for a long time. We just reported on Livingston, New jersey schools being hit with ransomware late last year. About a year ago, we told you China and others were going after schools – looking to infect them.
If you have been following our articles and news for a while, you know we sounded a ransomware alarm for schools back in 2017 in fact.
In the past, we have told you ransomware has become Extortionware – meaning the hackers not only hold your data until they get a ransom payment… If you choose not to pay, they just start to release your confidential data online until you do. Even worse – this has become such a successful business for many that they have an affiliate program allowing anyone to infect a company or organization for the hacker and receive a million dollars or more for their efforts!
Cybersecurity is a complex field but the human element is a weak link and technology alone has not to date, been a replacement for well-trained workers.
Yes, you need to ensure systems are patched, firewalls are configured properly, that you have a SIEM, anomaly detection solution and SOC in place but don’t forget the humans.
At Apex Technology Services we can help with all the above tech but also, perform cybersecurity training which is live and in-person or more recently, “Zoom” and in-person. During these sessions, we see 90-100% engagement levels and workers typically ask a lot of great questions and seem to learn from the sessions. We bundle this training with phishing – we use our own PHISH360 platform to send them phishing attacks before and after the training, We always see a huge improvement when this is done.
Companies must do this quarterly until none of the employees are tricked by phishing messages. Then, they can scale back based on budget and if they see the team has effectively learned what not to click on. New employees present yet another challenge and should be trained as well.
A high-school student masterminded a ring of hackers that took down one of the best companies in Silicon Valley. It was all because users were tricked. The biggest takeaway is training and phishing simulation must be performed regularly to keep your company protected.
Ask the experts at Apex Technology Services about how we can help your organization stay secure.