The websites of around 5,000 institutions, including high schools and colleges, were down last week following a ransomware attack against Final site, which manufactures software for websites.
Cybercriminals are increasingly targeting higher education institutions and have hit at least three community colleges with ransomware since the end of November. The attack on Finalsite demonstrates the value attackers find in attacking service and solution providers as well. By disrupting a service provider like Finalsite, the scale of the attack becomes more devastating, as thousands of victims are forced to deal with the disruption all at once.
Final site officials said they first detected ransomware on their systems last Tuesday and immediately launched an investigation with the help of third-party forensic specialists. They said 99.9% of disrupted websites were back up and running on Sunday,
Brett Callow, Threat Analyst at Emsisoft, said cybercriminals see service and solution providers as attractive targets.
“An attack on a university only affects that university, while an attack on a service or solution provider can affect multiple universities, which can increase their chances of getting paid,” Callow said by e- mail. “Incidents like this are far from rare and show no signs of slowing down. It is almost inevitable that we will see increasingly disruptive attacks on service and solution providers throughout the year.