Ransomware Attack on Englewood Public School District by LockBit 3.0

Victim Overview

The Englewood Public School District, located in Englewood, New Jersey, was targeted by the cybercrime group LockBit 3.0. The district operates in the education sector, providing education to students in the area.

Company Size and Standout

The size of the Englewood Public School District is significant, serving students in Englewood, New Jersey. The district is notable for its commitment to education and community engagement, offering various programs and services to support student learning and well-being.

Vulnerabilities

Being in the education sector, the Englewood Public School District may have been targeted by threat actors due to the sensitive nature of the data they hold, including student and staff information. Educational institutions are often seen as lucrative targets for ransomware attacks due to the valuable data they possess.

Attack Details

LockBit 3.0, a Ransomware-as-a-Service (RaaS) group, used ransomware to compromise the district's website. The attack likely involved encrypting files, modifying filenames, changing desktop wallpaper, and dropping a ransom note on the victim's desktop.

Ransomware Group Overview

LockBit 3.0 is an evolution of the LockBit ransomware group, known for its advanced and dangerous ransomware capabilities. The group operates under a Ransomware-as-a-Service (RaaS) model, allowing other cybercriminals to use their malware for attacks.

Penetration Method

The ransomware group distinguishes itself by its advanced features, including the ability to move laterally through a network via group policy updates and delete traces of itself to cover its tracks. The ransomware group may have penetrated the Englewood Public School District's systems through phishing emails, unpatched software vulnerabilities, or weak security practices.

Sources

• Englewood Public School District Website
• SentinelOne - LockBit 3.0 Overview