Hack Attack

Words | Anson Eggerss

INSIDE INFORMATION ON HOW THE COMPUTERS AT SCHOOL LOST DATA.

Friday, January 10th, 2020 seemed like just another ordinary day at the Geneva School of Boerne. But something happened that day, something that would affect every person on campus. That Friday, a deadly virus made its way into the school’s computers and hard drives, a virus set to destroy years of lesson plans, spreadsheets, historical data, pictures and documents.

What started off that day as slow computers ended with whole files and, eventually, whole drives being corrupted. Throughout the following week, teachers began to lose the ability to open files on their computers, with some computers even rendered inoperative. Some teachers lost multiple years’ worth of work as many of their documents turned into corrupted, unopenable files.

“I seriously questioned whether I was too old to reinvent the wheel again,” Mrs. Susan Greenlees, the 10th and 11th grade math teacher, said. Greenlees lost years of worksheets, notes, tests and quizzes.

Greenlees was not the only one who suffered tough losses, however. The journalism department’s entire drive was corrupted, losing access to all files from the last decade.

But what had caused all this damage? How could something like this even happen? The whole matter can be attributed to one thing: ransomware. A Geneva dad and cybersecurity engineer of fifteen years who helped with the problem defines ransomware as “a program that runs and encrypts files on your hard drive with a key only the attacker possesses. They essentially ‘lock’ your data and hold it for ransom to get the key to decrypt your files.”

Ransomware has been around since the late 80s and has become more prominent with technological advancements through the years. Some types of ransomware, such as CryptoWall, have even generated upwards of $300 million in revenue.

The specific ransomware that had been installed at Geneva is called RYUK, a malware virus named after a fictional character from Japanese television, created by a Russian cybercrime group called Wizard Spider. RYUK is meant to target large databases with systems full of files, and the typical ransom demand can be between $100,000 and $500,000. Geneva did not pay to retrieve our files, which is why everything was lost. However, it was clear we had been targeted.

“They were in our network and listened to it for a fairly considerable amount of time, gaining access to some people’s Amazon accounts and things like that,” computer science teacher Mr. Scott Milam said. “Once you get in and infect a certain number of computers, each computer is capable of infecting others, making it very difficult to clean.”

RYUK is a fairly new type of ransomware, discovered only in late 2018, and has been spreading on many systems across the world. Because of how common it is becoming, RYUK has also made its way into mainstream news. It was suspected to have infected the IT systems of the entire city of New Orleans and the U.S. Coast Guard. At the time of writing this, the most recently reported attack is on a Florida news source, the Tampa Bay Times. By refusing to pay the ransom, the newspaper has been fighting hard to recover their main resources.

Thankfully, in Geneva’s case, a company in San Antonio called Suurv Technologies was contacted quickly, as well as two experts from the office of Rick Palermo, the IT supervisor and a Geneva dad. This team dealt with the ransomware quickly and efficiently.

“Over two million files from the last 20 years were lost due to the criminal activity,” one of the directors of the team said. “We have removed the malware, evicted the criminal’s access to Geneva, and installed anti-virus as well as security monitoring on every Geneva computer. There are also network upgrades taking place to modernize the infrastructure.”

Head of school Brad Ryden said, “One of the things we already decided before all this is that we’re going to move everybody to the Cloud, to Office 365.” Office 365 is a Microsoft product that offers subscription-based access to tools for business and education. By transitioning to this updated software and backing up information to the Cloud, Geneva’s data will be much safer and more secure for the future.

In a world of quickly advancing technologies that are full of pros and cons, precautions should be taken by all people to protect the information that we upload, transfer and store. Obviously, malware is an issue that no one should have to deal with, especially on their personal devices. Fortunately, there are ways to prevent it.

Here are five steps that you can use to ensure that malware does not corrupt your system.

1. Use a quality antivirus on all your devices, and make sure it updates regularly.
2. Use a password manager like 1Password or LastPass to store your passwords and make sure they are unique for every account you have.
3. Use two-factor authentication on anything of value. There is a reason your bank texts you with a code to make sure it is you!
4. When in doubt about something, go to Google, get the business phone number, and call them.
5. Back up your data to a cloud-based system (iCloud, Google Drive, Dropbox, OneDrive, etc.).
