Photo Credit: Pixabay/ Joachim Schnürle
(TWIN CITIES, MN) - Several Minnesota entities faced ransomware attacks in the last two months, with the majority of the attacks happening in May. While public schools appear to be the primary target, colleges, government services, and businesses were also affected.
Attackers often hit schools because most are underfunded, have poor cybersecurity infrastructure, store large amounts of personal and financial data, and use legacy systems (outdated software and hardware). Ransomware attacks can be especially vicious, the cybercriminals hijack information from a system and lock the user/entity out - then request money to be allowed back in.
This threat isn’t new to the world of IT, but the con has evolved. Instead of simply locking the user/entity out of the system, attackers often encrypt the files, making it harder to access them even if the affected party manages to reenter the system. In theory, once the ransom is paid, any stolen data is deleted, and the original files get decrypted, making them usable again.
Minnesota public schools hit by ransomware attacks include Spring Lake Park, Wyzata, and Delano. In the case of Delano and Spring Lake Park, schools were forced to close for a short period of time. While both schools' networks were shut down the moment the attack became clear, the damage was already done.
ShinyHunter’s breach at the University of Minnesota was contained to Canvas, it’s primary learning management system. Students lost access to important learning tools during finals week, locked out of everything from assignments to exam materials. Some exams were postponed, but disruptions to scheduling and the stress impact on students were evident.
Winona County was initially attacked in January and April. Emergency response services (911) continued under manual operation, while DMV and vital statistics services were temporarily shut down. Other county network services were taken offline immediately following the discovery to minimize the threat to critical systems.
Photo Credit: MNDOT / Map of Winona County
An executive order was issued by Governor Tim Walz authorizing the Minnesota National Guard’s Cyber Protection Team to assist Winona County with restoration efforts. The efforts are ongoing and residents may still experience delays when contacting the county. Though authorities haven’t confirmed whether any personal information was leaked in the latest attack, residents included in the first attack were notified May 12.
At this point, the only business impacted by a significant ransomware attack is MyPillow. On May 25, the bedding company was listed on Play’s ransomware ‘extortionists leak’ site. The attackers threatened to release personal and financial information, including client, employee, and tax records, if payment demands aren’t met. The company hasn’t released a response yet regarding the alleged attack. CEO of MyPillow, Mike Lindell, is currently running for Governor of Minnesota.
Aside from MyPillow, which hasn’t released a statement, a majority of those affected by the recent ransomware attacks in Minnesota have stated intentions to increase budgets for network infrastructure and cybersecurity-related tools.
To add to or correct any information, please contact me at kristin.h@lead4earth.org.
0
0
Comments