True North Networks Blog
Long Island Schools Hacked; District Forced to Pay $88,000 in Ransom
Hackers held two school districts on Long Island hostage over the summer, forcing one of them to pay $88,000 in cryptocurrency in order retrieve student and staff information before the school year started.
Despite using an anti-virus software and other firewalls for cyber security, the Rockville Centre School District's encrypted files were accessed on July 25 by Ryuk ransomware, which can infiltrate an entire server with one click of a malicious email attachment.
The district's IT director managed to shut down the computer network the next day and limited damage, according to district officials. They believe the move enabled their insurance carrier to negotiate a lower ransom payment.
"By finding ways to restore some of our data, the ransom demand went from approximately $176,000 to $88,000,” the district told SC Media.
Cyber security experts like Anita D’amico of Code Dx, a company that provides a vulnerability management system, say the ransom is often the least costly part of the process.
"The longer you dawdle, the higher the price," D'amico said. "They have been in your system and could have infected your system, so you have to cleanse the system."
Rockville Centre School District's bitcoin ransom payment and its insurance's $10,000 deductible was less expensive than the cost to recover from the attack without the decryption keys, the district said.
D'Amico also says that one of the best ways to protect yourself from ransomware attacks is to create back ups of important information and store them separately from the main server.
The Mineola School District was also attacked by the same virus. But they didn’t have to pay because they had a back up that wasn’t compromised.
Experts say it's also important to educate employees to not open questionable emails and click on links and attachments. Rockville Centre School District Superintendent Dr. William Johnson said they're "working on that right now" and assured parents they're ready for the upcoming school year.
The district also said it is working with federal authorities to make their servers more secure.