[BreachExchange] Syracuse schools’ cyber attack is ransomware

[Destry Winant]

https://www.syracuse.com/news/2019/07/syracuse-schools-cyber-attack-is-ransomware.html

Ransomware caused the Syracuse City School District’s week-long
computer outage, a source said.

The district’s internet has had systemwide outages since an “event”
early Monday morning, officials said. Officials released little
information about the investigation and cause of the computer outages.
In a statement Friday afternoon, a spokesman said an “attack froze the
district from accessing our own systems."

Ransomware attacks have increasingly plagued school districts
nationwide in recent years. They work by encrypting a victim’s data
and files until a sum is paid to the attacker.

The Syracuse schools’ system has not yet been restored in part because
hackers have demanded a ransom, and the district has not yet decided
whether to pay, a source familiar with the investigation told
syracuse.com.

The ransom could be in the six figures and officials are concerned it
will continue to grow, the source said.

The unknown hackers’ demands keep increasing as the district misses
deadlines for payment, the source said.

The district will now likely have to decide whether to take its
insurance company’s advice -- pay the ransom now, before it continues
to grow larger -- or listen to FBI officials, who are apparently
discouraging the district from cooperating with hackers, according to
the source.

The source also said officials are concerned an internet outage at the
Onondaga County Public Libraries could be connected to the attack on
the district. County officials could not be reached for comment Friday
evening.

An FBI spokeswoman said she could not comment. She said the FBI does
not confirm or deny its involvement in any case.

School district officials have also declined to provide information
aside from two statements released this week. A district spokesman
said the district had received advice not to say anything further
until a forensic audit could be completed.

In a recent high-profile case, the city of Baltimore was attacked by
ransomware. The city refused to pay a ransom. The case ended up
costing the city more than $18 million, The Baltimore Sun reported.

Similar attacks have happened to school districts in Connecticut,
Texas,and Massachusetts.