A Jersey school has been asked to pay a 'ransom' to access its data after a cyber attack that left it with no access to its systems.
It's understood the attack occurred last week.
Jersey's main cybersecurity authority confirmed yesterday that it has been supporting De La Salle College with a "ransomware incident", which usually involves an attacker preventing their target from accessing its own digital information before offering to return it – at a cost.
If a victim does not comply with the request, hackers sometimes threaten to delete the data or corrupt systems.
In a statement, De La Salle College confirmed that data from its systems had been "encrypted", and that it had "no access" after the ransomware request.
"There is currently no evidence to suggest that any data has left our systems, we are working with all of the relevant authorities and have made all of the requisite notifications in this regard," the school said.
De La Salle would not confirm the level of 'ransom' it had been asked to pay.
"We will make no further statement in this regard until new information is available," the College added.
Cyber Emergency Response Team Director Matt Palmer said: "We are supporting a local school with a ransomware incident.
"A ransomware [incident] is where an attacker accesses your systems and encrypts the data – so makes it inaccessible to you – and then if you want access to that information they then ask you to pay a ransom. Then they would decrypt the data and potentially give it back, although that said there are many situations where ransomware payments are made – and it doesn't always result in the data being returned."
Pictured: CERT Director Matt Palmer.
He added: "Unfortunately attacks like this are a regular occurrence and no-one is immune. Not all attacks are caused by phishing emails – often attackers will find a vulnerable or old system and use that to gain access."
He urged local organisations to ensure their systems are up to date and "locked down as far as possible", with regular backups kept separately, to minimise the chance of a ransomware attack.
"All external systems should use two factor authentication, which is where you have both a password and another form of identification such as a code from a mobile app. It’s also important to monitor systems to detect attacks quickly. Anyone needing advice on preventing ransomware attacks can contact CERT.JE."
Comments
Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.