Why Did the Baltimore County Schools Cyber Attack Happen?

Just ahead of Thanksgiving 2020 the Baltimore County Public Schools system was hit by a devastating ransomware attack. The attack came right in the midst of the ongoing lockdown measures against the spread of Covid-19 and affected 115 thousand students who had been switched to online classes.

How exactly did the accident happen and why? The tell-tale signs about a similar situation have been there for quite some time, it seems.

The school system in Baltimore received a targeted warning about its network back in 2019, shortly after the city of Baltimore was hit by a RobinHood ransomware variant. The warning seems to have gone unheeded, as there was another report outlining the school network issues issued by the Maryland Office of Legislative Audits. That latter report came on the exact day that the attack took down the school network.

It might seem that the report served as a prompt for the bad actors given the timing, but the auditors formally notified the schools before releasing the document, giving them time to address issues.

Some of the security loopholes outlined in the most recent report can be seen almost word for word in a report dating back to 2015. Disturbingly, it seems none of them were addressed.

There seems to be very little the Baltimore school network was actually not vulnerable to. From RDP vulnerabilities, to simple password guessing and user passwords floating on the dark web, put up for sale, there was a myriad of avenues for bad actors.

The biggest issues with the school networks were how the servers were organized and set up, the lack of critical updates and the general inability of the people responsible to act in a timely manner, despite multiple warnings.

The authorities investigating the attack on the school network have revealed virtually nothing and only stated that an investigation is in progress. Security experts have noted that in case the schools have not invested in a decent data backup plan, they may be forced to pay the ransom.

By Zaib
December 7, 2020
Computer Security
English
December 7, 2020
Computer Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

News, Ransomware

Tech Company Garmin Pays Millions After Ransomware Attack

Garmin, a brand associated with a lot of different GPS systems and sports equipment, reportedly paid millions of dollars of ransom after hackers infected its systems with ransomware in late July 2020. According to... Read more

September 4, 2020
Password Security

Why You Shouldn't Reuse Passwords

During your school years did you ever become frustrated when someone in your class shared the same name as you? Better yet, was there ever a time that someone improperly identified you as someone else? Such... Read more

March 14, 2018
Malware

What Is a DDoS Attack and How to Avoid It

Directed denial of Service, or simply "DDoS" attacks, are designed to take down a platform or web page and interrupt the service it provides. This temporary loss of service is caused by overloading a single website... Read more

September 3, 2019
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.