Ransomware Attack Should Have Been Anticipated

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

(TNS) — Buffalo Public Schools leaders were taken by surprise by the ransomware attack on the district’s network Friday. But they shouldn’t have been.

Cybercriminals are particularly fond of targeting government agencies and school districts, which are generally less likely to devote the financial resources necessary to guard against attacks, according to cybersecurity experts.

“It’s very common for schools to be targeted,” said  Holly Hubert , founder of Amherst-based GlobalSecurityIQ.

According to the K-12 Cybersecurity Resource Center, nearly 350 cyberattacks on school districts or educational agencies were publicly reported in 2019, three times more incidents than the year before. But that figure has been rising over the past year.

Close to home, the Victor Central School District near Rochester was down for a week early last month due to a ransomware attack.

Not only are school districts less likely to hire cybersecurity experts or invest in the outside services needed to prevent ransomware and other cybersecurity attacks, experts said, but school districts have become even more vulnerable because they’ve had to fast-track new remote learning models due to the coronavirus pandemic.

“They were trying to do the best they could to keep things moving, but obviously if you move too quick, you’re going to leave vulnerabilities that people can take advantage of,” said  Kyle Cavalieri , president of the Buffalo-based  Avalon Cyber , which has offices in multiple states.

He referenced information from the FBI and Department of Homeland Security stating that more than half of reported ransomware attacks on state and local governments and schools in August and September involved schools, which keep valuable, confidential information and are less likely to have top-level cybersecurity.

“They’re kind of low-hanging…