Educause Security Discussion mailing list archives
Risks from partner/3rd party who's victim of ransomware attack
From: "Jim A. Bole" <jbole () STEVENSON EDU>
Date: Mon, 30 Nov 2020 14:48:53 +0000
Are there any good precautionary measures to help reduce risks coming from a partner who's been the victim of a ransom attack? The K-12 org in our area was hit by a major ransomware attack just before Thanksgiving: Baltimore County schools closed Monday, Tuesday due to ransomware attack (wbaltv.com)<https://www.wbaltv.com/article/baltimore-county-public-schools-closed-monday-tuesday-ransomware-attack/34811334> We have some students and faculty who are also connected with the school district (BCPS). They just got their public-facing website back up yesterday: Baltimore County Public Schools (bcps.org)<https://www.bcps.org/> Out of an abundance of caution, we've temporarily quarantined all inbound email from BCPS. We are also recommended that anyone who may have used their personal computer to connect to BCPS resources to not use the device until more information is known. We're also doing a general review of good practices (patching, monitoring, etc). Our VPN is limited to a handful of key staff members. Most faculty/staff/student connecting remotely to resources via cloud apps or RDP instance restricted to a few on-prem apps. Jim Bole Director of Information Security Stevenson University 1525 Greenspring Valley Road Stevenson, MD, 21153-0641 jbole () stevenson edu | O: 443-334-2696 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Risks from partner/3rd party who's victim of ransomware attack Jim A. Bole (Nov 30)
- Re: [External Email] [SECURITY] Risks from partner/3rd party who's victim of ransomware attack Michael J Behun (Nov 30)