Massachusetts School District Pays $10K to Ransomware Attackers
"A school district located in Massachusetts paid attackers $10,000 after they infected its computer network with crypto-ransomware.
Officials at Leominster Public Schools decided to meet the demand after the district suffered a ransomware attack on 14 April.
It’s unclear what types of files the malware encrypted. According to CBS Boston, the stain prevented employees from accessing parts of the school’s network. It also brought down the district’s email system, thereby forcing employees to communicate with one another via their personal Gmail accounts.
Leominster Schools Superintendent Paula Deacon said in a statement that she and other officials were waiting “to be fully restored.” As quoted by CBS News:
The Leominster Public Schools were the victim of a Ransomware cyber attack on Saturday, April 14, 2018. A lock was placed on our system until a negotiated ransom was agreed upon. We paid through a bitcoin system and are now awaiting to be fully restored.
IT personnel were still working to recover the district’s affected systems on 30 April, reported The Boston Globe. Deacon did not provide additional comments about the progress of the recovery efforts. But she did thank everyone for their patience.
Leominster Public Schools isn’t the first district to suffer a ransomware attack. In mid-September 2017, bad actors demanded that the San Ysidro School District, a public school district located in San Diego County, California, pay $19,000 to receive a decryption key following a ransomware infection. Two years before that, malefactors encrypted the Swedesboro-Woolwich School District’s systems with ransomware and demanded a ransom of 500 Bitcoins, which was initially worth $129,000 at the time.
Clearly, ransomware actors have a history of targeting schools. Educational institutions should internalize this record of attacks by taking steps to prevent a crypto-malware infection on their systems. They should do so by patching their workstations’ operating systems and possibly setting up additional firewall protections. Organizations in the education sector should also make sure to back up their most important files on a regular basis."
We could not agree more. And step all employees through new-school security awareness training to prevent attacks like this, because most of them are caused by employees falling for social engineering tactics like phishing.