The recent wave of ransomware attacks on school districts in various U.S. states does not stop and has claimed new casualties. Digital forensics specialists reported an incident at some schools in Wakulla County, in Florida, where the school district has already met with its insurance company to determine the most appropriate measure.
Robert Pearce, the school district’s
superintendent, mentioned that they have been in contact with hackers since the
incident was spotted. “After infection the attackers contacted us to
inform us about the situation, as well as to set the amount of Bitcoin demanded
as a ransom; there are other details that I cannot reveal now, as an
investigation is underway,” the superintendent said.
The district’s digital forensics team concluded that hackers did not managed to access students’ personal information; however, the attack shut down some school systems and email servers. “At this moment it is not possible to access all our systems, but operations have not stopped completely,” Pierce added. This is the third ransomware incident in a recently reported school district in Florida.
Nonetheless, bad news is not limited to
Florida. The Central School District in Groton, a small town in Connecticut,
has disclosed a ransomware infection in its systems that occurred during the
past week. During the incident, the records of nearly a thousand students were
exposed; compromised personal data include students’ full names, email
addresses, dates of birth and school identification numbers.
According to digital forensics specialists, the
incident would have begun in November 2018 due to unauthorized access to one of
the school district’s storage systems, which stopped receiving support and
updates nearly 4 years ago. On this occasion, it was the FBI to notify Groton
school authorities of the incident.
People from the small town Wolcott have
reportedly been hardest hit by this incident, as authorities are continuing to
investigate the attack that completely shut down access to the district’s
school systems. “Our school systems were attacked, a team of digital
forensics experts is working to regain access to the systems,” said Thomas
Dunn, Mayor of Wolcott.
Finally, last June 13 users detected that the
ransomware had blocked access to multiple storage systems. The incident forced
authorities to shut down all computer systems in the district for more than a
week.
Experts from the International Institute of
Cyber Security (IICS) recently reported multiple similar incidents affecting
school districts in other U.S. territories, mainly in New
York and Louisiana, where it was even decreed, for the first time, an
information security emergency estate, which allowed local authorities to
obtain the resources needed to begin their data recovery process.
In other cases, such as Riviera Beach in
Florida, local authorities decided to set a payment with the attackers and
regain access to their systems immediately, as they considered the recovery
process, in addition to being too costly, to be too slow.
