Ransomware incidents keep popping up while victims face a crossroads: try to recover their files on their own, or negotiate with the attackers and pay a ransom. This time, cybersecurity services experts have detected a new attack against multiple public schools in New Kent County, Virginia.
In this regard, Superintendent Brian Nichols
mentioned that “during the incident the files located on the hard drives
of the school district’s computers were encrypted, so for now it is not
possible for the school system to access this information.” Simply put, it
is now impossible for the administrative staff of these schools to do their
jobs as normal, and they will have to work on forced marches to start the
school year as planned.
It is necessary to remember that a ransomware attack consists of a malicious program that encrypts the files of a computer or system, demanding a ransom in exchange for restoring normal access to the compromised information; hackers generally demand that this payment be made via transfers of cryptocurrencies such as Bitcoin. According to experts in cybersecurity services, ransomware is typically developed by groups of cybercriminals without affiliation to political organizations, although some of the most dangerous variants of this malware have been developed by groups of hackers backed by governments in countries such as Russia or North Korea.
In subsequent statements, Superintendent
Nichols mentioned that the school district has hired the services of a group of
experts in external cybersecurity services. In addition, he said the
investigation is progressing well and pledged to continue sharing updates on
the incident. “The FBI and Federal Police are also collaborating on the
investigation; although this process has not concluded, we can assure you that
we have found no evidence to prove the theft of confidential information,”
Nichols says.
For now, state authorities do not plan to
change the start date of the school year, so New Kent schools will open the
same day as the rest of public schools in Virginia, “we will try to keep
student registration systems ready for the first day of school,” the
superintendent added. So far it is unknown whether local authorities have
considered paying the ransom to hackers, although this measure is, for obvious
reasons, very risky.
In the most recent months, cybersecurity
services specialists from the International Institute of Cyber Security (IICS) have
reported at least ten incidents of ransomware attack on school systems in U.S.
states such as Florida, Idaho and New York. Nevertheless, the most impactful
case occurred in the state of Louisiana, where a group of threat actors were
able to fully encrypt access to the systems of an entire school district. To an
unprecedented extent, the state governor declared a state of emergency
throughout the territory, leading to the intervention of federal security
agencies and the restructuring of the IT systems throughout the affected
district.
