In the wake of a large-scale ransomware attack targeting thousands of school websites and communications systems, state Attorney General William Tong is urging businesses and government agencies to strengthen their cybersecurity protocols.
In a statement, Tong said a cyber attack last week affecting the FinalSite software service, used by many schools and universities for web hosting and content management, should serve as a reminder to the private sector and government institutions that the threat of damaging hacks remains high.
“No business or government entity is immune from a ransomware attack,” he said. “Regardless of size, or whether you are in the public or private sector, there are measures we all can and must take to protect consumer data, privacy and our critical infrastructure.”
Tong’s office recommends implementing multi-factor authentication for system users, encrypting data, updating and patching systems and backing up data and configurations. The attorney general also highlighted a list of best practices released by the White House in May; that outline said businesses should enable endpoint detection and response, to hunt for malicious activity on a network and block it, and organize skilled security teams to rapidly patch vulnerabilities.
The FinalSite hack, which was resolved last week, is believed to have impacted around 3,000 U.S. public schools. There is no evidence that student data or personal information was compromised, Tong said.
