Saturday, January 29, 2022

Cloud-based school website provider, US county hit by ransomware

The new year is only a week old and already ransomware gangs have hit a number of organizations.

They include Finalsite, a cloud-based provider of website solutions to over 8,000 schools and universities in 115 countries, and Bernalillo County, which includes Albuquerque, New Mexico.

According to the Bleeping Computer news service, the attack on Finalsite disrupted access to websites for thousands of schools worldwide.

Finalsite said in a statement on its website that it found ransomware on its system on Tuesday. “We immediately took steps to secure our systems and to contain the activity. We quickly launched an investigation into the event with the assistance of third-party forensic specialists, and began proactively taking certain systems offline.”

“We have full access to our files and data. The forensic investigation is ongoing and at this time, we have no evidence that our data or client data has been taken. If we determine otherwise through the course of the investigation, we’ll act swiftly to notify you and will take all appropriate actions.

In an update issued Thursday the company said it continues to make progress bringing more websites back up. “While we still have work to do, the vast majority of front-facing websites are online. Some sites may still lack proper styling, admin log-in functionality, calendar events, or constituent directories, but the team is currently working to restore these elements.”

UPDATE: On January 10th Finalsite said after six days of investigation it found no evidence customer data had been seen or copied by an attacker.

Bernalillo County said most of its buildings will remain closed Friday because of the ransomware attack detected earlier in the week. County employees continue to work from home to offer services as much as possible. Emergency and public safety are in full operation. 911 is operational, with the Sheriff’s Office and Fire and Rescue responding to calls. But the Clerk’s Office has no access to systems and no legal filings are possible, including marriage licenses, real estate transactions and voter registrations.

In addition, this week network-attached storage maker QNAP warned users to take precautions against ransomware.

In its statement QNAP said ransomware and brute-force attacks have been widely targeting all networking devices. The most vulnerable devices, it adds, will be those exposed to the Internet without any protection. A QNAP NAS is exposed to the Internet and at high risk if  the Security Counsellor tab in the QNAP administrator console shows “The System Administration service can be directly accessible from an external IP address.”

 

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

After being all-digital last year, the Consumer Electronics Show is back in Las Vegas for 2022. Find all the latest news and announcements from the showroom floor at CES 2022.

Related Tech News