Even though the complex cybersecurity solutions currently available on the market, a system, network, or computer will never be 100% protected against security threats. Cybersecurity services experts report an incident in New York City that compromised the security of a school district despite having antivirus and firewall solutions.
It is an infection of the dangerous Ryuk ransomware, which has compromised the systems of the Rockville Center School District in New York; due to the infection, the local government had to pay almost $90k USD to hackers to regain access to the files encrypted by the malware.
The incident occurred on June 25, according to
a report published by the specialized platform SC Media. Although the
administrators implemented the best available security measures, the ransomware
operators managed to complete the infection and eventually district security
services personnel were forced to close all computers on the network to prevent
the spread of ransomware.
“We detected the encryption process at a
relatively early stage, so our insurance company was able to arrange payment of
less than what was initially intended by the attackers, so it only corresponds
to the New York government a $10K USD payment of deductible,” school
district officials said. SC Media’s report holds that the initial ransom amount
was over $170k USD.
On their decision to pay the ransom, the
authorities stated, “We exhausted all our efforts trying to regain access
to the information on our own. However, after analyzing the consequences that
the permanent loss of this data could generate, we decided to pay the ransom to
keep up the district’s operations.”
According to cybersecurity services experts,
the Rockville Center School District is not the only one that has been the
victim of cyberattacks in recent times. Several reports indicate that a series
of malicious campaigns have been deployed for at least the past six months
against the entire New York Department of Education, which has sent safety
warnings to all school districts in the state, trying to prevent future
security incidents.
While specialists strongly recommend not paying
the ransoms demanded by hackers in these cases, it is increasingly common for
affected companies to try to negotiate with the attackers; even some
cybersecurity insurance policies have been updated, including coverage against
ransomware attacks.
International Institute of Cyber Security
(IICS) cybersecurity services specialists have reported similar incidents
recently. Among the most prominent cases are ransomware infections in multiple
cities and counties in the state of Florida and at least two school districts
in northern Louisiana. In these cases, the affected organizations have also
decided to yield to the demands of the threat actors and pay the ransom to
recover their information. It is
necessary to remember that this is not the most advisable, as there is no
guarantee that the attackers will comply with their part of the deal and
restore the compromised accesses once the required money is given to them.
