This talk covers a ransomware attack on a medium-size school district (23K students, 4K staff). We start with the timeline of the attack that was determined by forensic analysis, cover what was damaged in the attack, and then cover the attack recovery process. Then we’ll discuss changes that were made to avoid and mitigate any future attacks. We wrap with the lessons learned during this attack in the hope that they will help you to avoid and recover quicker if you do experience a ransomware attack.
After this talk, you will have a better understanding of:
- how an attack happens
- what kind of alerts may be symptoms of an attack
- what to do in case you are attacked
- what happens after you are attacked, and
- what actions you can take now to avoid and mitigate a ransomware attack
Ski has worked as a system admin, manager, consultant, professor, and emergency worker since 1982. He currently is a system admin at the Northshore School District in WA and an adjunct professor at Bellevue College. When not busy at a computer, Ski enjoys traveling, kayaking, and backpacking in the wonderful Pacific Northwest.