While education has been spared many ransomware attacks, that could be changing.
The focus on educational and government users attempts to take advantage of (among other things) weak or nonexistent disaster recovery strategies.
By going after government institutions, they might get lucky and infect a target that has failed to implement a proper backup procedure, effectively shutting down its system until a ransom has been paid. The chances of squeezing a ransom payment out of these targets are higher than with regular home users.
The attack has been delivered using bogus ticket confirmations, which in turn contain a link to a the ransomware. Now is the time to do two things:
- Test your backup and disaster recovery strategy; and
- Review good email and download habits with your colleagues. This will protect against phishing, social engineering, and ransomware attacks.