STRENGTHENING RANSOMWARE RESILIENCE ACROSS A LARGE SCHOOL DISTRICT
OVERVIEW
Massive databases full of protected personal information, thousands of users to phish, countless endpoints to slip through, small IT teams, and overburdened systems make educators a high-value target for attackers. We see new reports of cyberattacks aimed at educational institutions every time we look at the news. Most require months of recovery time and result in lost data, stolen personal information, and a crippled IT infrastructure.
The Torrance Unified School District (TUSD) recognized the importance of bolstering its cybersecurity measures, especially against ransomware. They installed BullWall, and that decision paid off.
DILIGENCE ISN’T ENOUGH
Most ransomware attacks go unnoticed until it’s too late, sneaking in on innocent-appearing attachments or software engineered to appear legitimate to the user. Training employees, a solid tech stack, and a strong security architecture can help, but attackers are always coming up with new ways to bypass your defenses.
The employees at TUSD are well-trained and know to be wary of unknown attachments and emails from strangers. They know how to recognize social engineering and prevent phishing attacks. They understand they shouldn’t open unsolicited emails, click on links, or open unknown files. That wasn’t enough.
AN OUNCE OF PREVENTION
The Torrance Unified School District had a proactive cybersecurity approach in place, including quarterly simulated phishing attempts to train its staff to be vigilant. Gil Mara, Chief Educational Technology and Information Services Officer, knew that wasn’t enough, “We can’t employ enough people to sit there looking at all of this. We’ve got to automate our response time, our responses, and our monitoring of our system.”
The rapid technological advances being leveraged by attackers also played into ongoing security concerns, “With the advent of AI, GPT, and now hackers being able to leverage AI tools to write code and to enhance their attacks, it’s more imperative that we have something in place.” With the approval of district leadership, Mara expedited the deployment of BullWall.
IMMEDIATE RESPONSE BY BULLWALL
Within a month of deployment, an employee received an email with an attachment from her son’s doctor’s office. Since she was expecting this document, she downloaded it – not realizing it was a malicious file that began infecting her computer.
BullWall Ransomware Containment immediately went to work and locked down the infected device, blocking the employee’s access to the rest of the network. BullWall’s real-time visibility into file transactions and movement allowed the district’s IT team to gain insight into the attack, providing critical information for a swift response. The automated containment response was ready to act, further reducing the potential damage.
“We don’t know how bad this would’ve been had it executed itself,” Mara shared. Instead, the infected computer and account were immediately disabled, preventing further harm. Most importantly, there was no loss of data or encryption of files. BullWall Ransomware Containment proved invaluable when the real-time monitoring and automated response capabilities not only thwarted a potentially devastating attack but also provided peace of mind.
The incident underscored the fact that no educational organization, regardless of size, can afford to overlook the ever-present threat of cyberattacks.
We can’t employ enough people to sit there looking at all of this. We’ve got to automate our response time, our responses, and our monitoring of our system.
