A ransomware attack earlier this summer hit the Rockville Centre School District in New York, Superintendent William Johnson told Fox 5:
Ransomware is a program like a virus that infects the computers, phone systems, and other on-network hardware at a corporation or, more commonly in recent years, a school district.
Experts advise keeping data off-site so it’s not entirely necessary to pay to gain access to it again. That does help, but it’s not entirely safe. Restoring data from back-ups takes time, and it’s almost always cheaper for school systems to pay the ransom than to pay the ransom than to restore access to the system from their off-site back-ups.
“That’s why they made the request reasonable,” Mr Johnson was quoted as saying, referring to the criminals’ original demand for $176,000 in bitcoin but lowered through the district’s insurance agency and a third-party negotiator to half that amount. “They made the cost of getting the decryption tools cheaper than it would cost us to restore our systems from back-up.
“We thought we were safe,” he said. “This group used algorithms that were more sophisticated than anything we’ve ever seen. These guys are good.”
He noted that the data were never breached. In other words, criminals never gained access to any personally identifiable information or other sensitive data about the student or staff in Rockville. Rather, the ransomware software, when it infects a system, encrypts the computer and makes accessing anything on it impossible.
When the ransomware is paid, the decryption key is provided, and access is restored. The FBI generally warns against paying ransoms in situations like this, but Rockville Centre chose to pay it as a business decision, Mr Johnson said.
Districts victimized by ransomware in recent months:
- The Mineola School District in New York
- The Nampa School District in Idaho
- Flagstaff Unified School District in Arizona
Finally, last spring, computer systems in Baltimore County, Maryland, were attacked and ransom demanded of about $6 million. The county government estimated the net cost of the ransomware attack at more than $18 million, given the shutdowns that ensued as the information technology staff restored systems following the loss.