FinalSite Down After A Ransomware Attack
FinalSite, a famous website services provider, has suffered a ransomware attack disrupting access to thousands of school’s websites worldwide.
FinalSite is a SaaS provider that offers website design, hosting, and content management solutions for K-12 school districts and universities. FinalSite provide solutions for over 8,000 schools and universities across 115 different countries as it claims. On 5th Jan 2022, FinalSite found not reachable and displayed messages, while individual hosts sites are been accessed by schools.
FinalSite did not disclose that they had suffered an attack but simply said that they were experiencing error and “performance issues” across various services, affecting mostly their content management system that includes but is not limited to, Groups Manager, Constituent Manager, Login, Forms Manager (old), Registration Manager, Directory Elements, Athletics Manager, Calendar Manager.
A system administrator shared that the attack prevented schools from sending closure notifications due to weather or COVID-19. Many districts are complaining that they are unable to use their emergency notification system to warn their communities about closures due to weather or COVID-19 protocol.
Ransomware Attack caused the Outages
FinalSite confirmed that a ransomware attack on their network is causing the outages. After days of disruption.
We are incredibly sorry for this prolonged outage and fully realize the stress it is causing your organizations. While we have made progress overnight to get all websites up and running, full restoration has taken us longer than anticipated, The Finalsite security team monitors our network systems 24 hours a day, seven days a week. On Tuesday, January 4, our team identified the presence of ransomware on certain systems in our environment. We immediately took steps to secure our systems and to contain the activity. We quickly launched an investigation into the event with the assistance of third-party forensic specialists and began proactively taking certain systems offline.
It is not known which ransomware gang conducted the attack on FinalSite and whether data was stolen as part of the attack. Education department been a popular victim of attacks, last year alone 87 incidents disrupted learning at as many as 1,043 individual schools. In 2020, 84 incidents disrupted learning at 1,681 schools. The fact that the average size of the impacted districts has decreased could indicate a correlation between budget size and (in)security level.