Menu

Spotlight on: ISC West 2024

Re-Write Your Lesson Plan for School Safety with Hanwha Vision

Attention Technology Manufacturers and Security Systems Integrators: The Campus Safety BEST Awards Are Back!

Traka to Showcase Touch Pro Key Cabinets and More at ISC West 2024

Hanwha Vision America to Feature AI Solutions at ISC West 2024

Survey Finds Campuses Using Their Emergency Notification Systems More

2023 Video Surveillance Survey Finds AI, the Cloud, and LPR Gaining Traction on Campuses

Close
News

Ransomware Attack Forces Baltimore County Schools to Close

Critics say multiple red flags preceded the ransomware attack on the school district.

Ransomware Attack Forces Baltimore County Schools to Close
Jump to Comments

Baltimore – Baltimore County Public Schools (BCPS) reopened on Wednesday after being forced to close for three days due to a ransomware attack.

On November 28, the district, which is mostly conducting virtual classes due to the pandemic, announced that its schools would be closed Monday and Tuesday. The ransomware attack occurred two days before Thanksgiving, and BCPS officials described it as a “catastrophic attack on our technology system,” reports the Baltimore Sun.

During the shutdown, which affected all of its nearly 115,000 students, the district revised its platform. Additionally, students and staff with BCPS HP devices were required to check for ransomware. Devices will be replaced with Chromebooks.

Critics say multiple red flags preceded the attack. In May 2019, BCPS officials were warned that their networks were vulnerable, reports the Baltimore Brew. The technology journal Ars Technica used BCPS as a prime example of the vulnerabilities school district computer networks face. One expert told The Brew at that time that major parts of the district’s network were not properly configured or protected.

In response, the district applied a system patch that The Brew reported was the bare minimum needed to prevent an attack.

Additionally, on the day of the ransomware attack, a report by Maryland’s Office of Legislative Audits was released and found that significant risks existed within BCPS’ computer network:

For example, monitoring of security activities over critical systems was not sufficient and its computer network was not properly secured. In this regard, publicly accessible servers were located in the BCPS internal network rather than being isolated in a separate protected network zone to minimize security risks.

Although the report was released on the day of the attack, The Brew opines BCPS probably knew about the vulnerabilities last spring.

Across the board, organizations are reporting a huge increase in phishing attempts, email-based malware attacks, email compromise, ransomware and more. Schools are particularly vulnerable, especially districts that are conducting virtual classes during the COVID-19 pandemic.

Online learning means school districts have experienced a proliferation of devices interacting on their networks, stretching existing security measures thin. Furthermore, home networks tend to be less secure and less frequently maintained than school networks.

Overall, the average cost of a data breach is $3.86 million each.

Hackers have taken note.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Tagged with: Coronavirus Cybersecurity Distance Learning Ransomware

About the Author

robin hattersley headshot
Contact:

Robin has been covering the security and campus law enforcement industries since 1998 and is a specialist in school, university and hospital security, public safety and emergency management, as well as emerging technologies and systems integration. She joined CS in 2005 and has authored award-winning editorial on campus law enforcement and security funding, officer recruitment and retention, access control, IP video, network integration, event management, crime trends, the Clery Act, Title IX compliance, sexual assault, dating abuse, emergency communications, incident management software and more. Robin has been featured on national and local media outlets and was formerly associate editor for the trade publication Security Sales & Integration. She obtained her undergraduate degree in history from California State University, Long Beach.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety Conference promo

Recommended For You

Student and Staff Safety: Addressing the Significant Rise in Mental Health Needs and Violence
Student and Staff Safety: Addressing the Significant Rise in Mental Health Needs and Violence

In this webinar, attendees will learn the observable behaviors people exhibit as they head down a path of violence so we can help prevent the preventable.

Beyond Threat Assessment: Managing Threats with Appropriate Follow-up, Monitoring & Training
Beyond Threat Assessment: Managing Threats with Appropriate Follow-up, Monitoring & Training

This discussion will help participants analyze, understand, and assess their own program effectiveness.

Latest Quizzes

How Should These Clery Act Crimes Be Classified in Your ASR?
Mental Health in America: Test Your Awareness with This Quiz
Test Your Hospital Safety and Security Knowledge with These 9 Questions