Ransomware Attack Prompts City Schools to Turn to ePlus for Security

City overcomes attack and adds tools to mitigate future breaches

Business Challenges

  • The City, which historically had trusted a small IT networking company to maintain their security posture, was dealing with an active ransomware attack after a SQL Server containing Student Personally Identifiable Information (PII) had been compromised.
  • With no security controls in place, including anti-malware, the City’s schools were hit with ransomware and immediately taken offline.
  • In addition to legal trouble, the attack could have led to the leak of personal information of thousands of students.

Why ePlus?

  • The City needed a partner who could immediately help them first overcome and then recover from the attack, as well as build a strong security program, pervasive across its network.
  • The City was an existing long-term customer who worked with ePlus on network, wireless, phone and other technologies for their schools, but not yet for security.
  • In their moment of vulnerability, they wanted to turn to a partner they trusted, who was also familiar with the inner workings of their organization.

Solution

  • Using a combination of technologies to address different issues from system recovery to protection from future attacks, a comprehensive solution was implemented that secured their network at multiple facets.
  • Initial triage detected the ransomware behavior using Cisco AMP and discovered that a server containing student information was the one that had been compromised.
  • Further delivery of the ransomware was prevented by deploying Cisco Umbrella, a cloud security platform that provides the first line of defense against threats on the internet.

Business Outcomes

  • The compromised systems were fully recovered and the ransomware infection was eradicated.
  • The custom-designed security solution entailed technology to both block threats before they reached the network, and to enable detection of malware behavior.
  • Incident response capability and recovery was enabled.
  • ePlus is providing ongoing CISO Advisory Services and is also providing Managed Security Services for Firewalls, Switches and more.

Want to Learn More?

We have proven success engineering and deploying solutions that enable our customers to thrive in today's constantly changing, complex technology landscape.

 

Let us know how we can help