Michigan School District Shut Down by Ransomware

3rd January 2020 | Blog, Sticky Michigan School District Shut Down by Ransomware
Ransomware attack in Richmond Michigan Schools The Richmond school district in Michigan started off the decade on the wrong foot, falling victim to ransomware that demanded $10,000 in bitcoin. This school district had its computer systems, telephones and copiers all victimized by hackers. The districts Superintendent said “there’s no guarantee we’ll get our server files back“.  Since the start of 2019, 72 school districts nation-wide have publicly reported being compromised by ransomware attacks. If 72 districts reported publicly, you can multiply that by 10x for the districts that were hit with ransomware that did not publicly disclose it (perhaps they recovered quickly enough that they did not need to)? Regardless of the overall number of school victims, what is it about educational institutions that contributes to them falling victim to these attacks?

Why Educational Facilities?

According to cyber security experts, educational institutions are desirable targets for ransomware threat actors because of two things.  First, these organizations hold large quantities of sensitive data on students and employees.  Second, they are an easy target to compromise.  It’s the intersection of these two things that makes them a ransomware target.

What makes educational institutions an easy compromise target?

Most educational institutions do not have significant cybersecurity protections in place.  In multiple CyberHoot investigations of Emotet compromises, the educational classroom computers were not even running Antivirus software in some instances! School systems often lack funding for cybersecurity programs.  As a result they lack technical protections, they lack training, and they lack backups. This is the perfect storm for ransomware attacks.  But this isn’t the entire story.  The ultimate goal of a ransomware attack is a bitcoin payment to the hacker.  Otherwise, it’s all for naught.  Here’s the extra attraction by hackers to school systems. Hackers recognize that schools are public entities which cannot afford to shut down. Hackers also realize schools often carry Cybersecurity insurance with riders that will pay the ransom in a ransomware attack.  Combine these two facts with the ease of targeting schools with ransomware attacks and the bullseye is squarely on their chests.

What Can or Should Be Done?

Schools in many states, such as New Hampshire, are implementing state bills, such as SB1612, that require school districts to implement cyber security protections. Many of these attacks can be prevented with awareness training of students and faculty. Schools must pair the awareness training with appropriate protective measures such as Email SPAM and Phish Filtering solutions combined with next-generation antivirus on every computer and server.  Finally, educational institutions need to adopt and follow governance policies such as a Written Information Security Policy (WISP), that outlines protective cybersecurity requirements that are no longer optional or best effort. CyberHoot already helps many educational institutions accomplish their awareness training and policy governance objectives.  Get ahead of incoming state requirements like SB1612. Engage CyberHoot to help you proactively train and govern your students and administrative staff today!  Visit CyberHoot.com/freetrial/ for a FREE 30 day trial and start your journey to enlightenment before it’s too late.

Watch CyberHoot’s Introductory Video to learn more…

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!

Sign Up Today!
Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

184 Million Passwords Leaked: Is Your Digital Doppelgänger Out There?

184 Million Passwords Leaked: Is Your Digital Doppelgänger Out There?

Spoiler alert: If you’re still using “password123” or “iloveyou” for your login… it’s time for an...

Read more
Your WiFi Might Be Watching You… Sort Of

Your WiFi Might Be Watching You… Sort Of

As smart homes get smarter, so do their habits of watching, sensing, and reporting. Enter WiFi Motion Detection, a...

Read more
CyberHoot Newsletter – June 2025

CyberHoot Newsletter – June 2025

CyberHoot June Newsletter: Stay Informed, Stay Secure Welcome to the June edition of CyberHoot’s newsletter,...

Read more