Lessons Learned from a Ransomware Attack

Tuesday, June 01, 2021 - 8:45 am9:30 am

Ski Kacoroski, Northshore School District

Abstract: 

This talk covers a ransomware attack on medium size school district (23K students, 4K staff). We start with the timeline of the attack that was determined by forensic analysis, cover what was damaged in the attack, and then cover the attack recovery process. Then we'll discuss changes that were made to avoid and mitigate any future attacks. We wrap up with the lessons learned during this attack in the hope that they will help you to avoid and recover quicker if you do experience a ransomware attack.

After this talk you will have a better understanding of how an attack happens, what kind of alerts may be symptoms of an attack, what to do in case you are attacked, what happens after you are attacked, and what actions you can take now to avoid and mitigate a ransomware attack.

Ski Kacoroski, Northshore School District

Ski has been done stints as a system admin, manager, consultant, professor, and emergency worker since 1982. He currently is a system admin at the Northshore School District in WA and an adjunct professor at Bellevue College. When not busy at a computer, Ski enjoys traveling, gardening, kayaking, and backpacking in the wonderful Pacific Northwest.

BibTeX
@conference {272733,
author = {Ski Kacoroski},
title = {Lessons Learned from a Ransomware Attack},
year = {2021},
publisher = {USENIX Association},
month = jun
}

Presentation Video