Risks from partner/3rd party who's victim of ransomware attack

["Jim A. Bole" <jbole () STEVENSON EDU>]

Are there any good precautionary measures to help reduce risks coming from a partner who's been the victim of a ransom 
attack?

The K-12 org in our area was hit by a major ransomware attack just before Thanksgiving:

Baltimore County schools closed Monday, Tuesday due to ransomware attack 
(wbaltv.com)<https://www.wbaltv.com/article/baltimore-county-public-schools-closed-monday-tuesday-ransomware-attack/34811334>

We have some students and faculty who are also connected with the school district (BCPS). They just got their 
public-facing website back up yesterday: Baltimore County Public Schools (bcps.org)<https://www.bcps.org/>

Out of an abundance of caution, we've temporarily quarantined all inbound email from BCPS.

We are also recommended that anyone who may have used their personal computer to connect to BCPS resources to not use 
the device until more information is known.

We're also doing a general review of good practices (patching, monitoring, etc).

Our VPN is limited to a handful of key staff members. Most faculty/staff/student connecting remotely to resources via 
cloud apps or RDP instance restricted to a few on-prem apps.

Jim Bole
Director of Information Security
Stevenson University
1525 Greenspring Valley Road
Stevenson, MD, 21153-0641
jbole () stevenson edu | O: 443-334-2696



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community