Ransomware Attack Puts School District Under Siege for $10,000

Updated: Jun 3, 2020

The Leominster Public School District is the latest victim of the growing phenomenon of ransomware. On April 14th, the computer systems of the school district were incapacitated due to an untraceable attack. The attackers were demanding $10,000 to let the school district regain control of the computers.

Understanding Ransomware

Let’s think of your home security. You lock your doors when you go out to keep your home safe. Suppose during your absence, someone comes to your house and changes the locks on your doors and windows. You come back home and find your home locked with a note on the front porch that you need to pay a ransom to reuse your own house. Furthermore, if you try to force yourself in, your whole house will explode.

Ransomware works in a similar fashion. Instead of your house, cyber-extortionists hold your computers hostage. A ransomware can spread through spam or phishing emails. If someone in your organization opens an email and clicks on a malicious link, the malware gets downloaded to your network and spreads. The ransomware can affect a single computer or thousands of computers. If you try to force into your system the ransomware destroys all data.

While hackers who attack computer systems try to gain access to sensitive data, ransomware extortionists are generally more interested in gaining immediate financial rewards.

The Unfolding of the Leominster Attack

The attack locked all the computers of the Leominster Public School District. Paula Deacon, the superintendent of the school district, learned about the problem on April 14th. The attackers were demanding $10,000 that had to be paid using BitCoin, a cryptocurrency or form of electronic cash.

According to the Police Chief Michael Goldman’s interview on ABC News, due to the lack of any off-site backup, the school district was left with no choice but to pay the ransom. The ransom was paid on April 20th.

After the payment, the access to the school district’s systems was restored.

Other High-Profile Ransomware

CryptoLocker was one of the first ransomware that caught the attention of the security community. It came onto the scene in 2013. CryptoLocker used spam-email attachments to spread. Next year, TeslaCrypt, a variant of CryptoLocker, started to run havoc. In 2016, 48.81% of the ransomware attacks were carried out using TeslaCrypt.

Last year, WannaCry got a lot of publicity due to its scale and targets. The malware was detected for more than 250,000 cases across 116 countries. The ransomware was created using the leaked NSA hacking tools. WannaCry brought 16 British Hospitals to a standstill.

Preventive Measures

Here are ways you can protect yourself from catastrophe:

  • Back up your systems: If you have backups of your systems, you have more choices. You can terminate the infected devices and start over.
  • Implement an email system with security: Use a reliable email service that has the latest security features to help you keep your servers safe.
  • Disable unnecessary features: Every feature of your software increases the potential for an attack. If you don’t need a feature, disable it.
  • Patch or update your software regularly: Manufacturers and software producers regularly release updates to address latest issues. If you regularly apply the patches and updates, you’ll be safer.
  • Education: Provide training programs for your employees to teach them the kind of behaviors that make your organization vulnerable. It can decrease the chances of an attack.

Lessons From Leominster Attack

In the past, hackers were only interested in enterprise-level businesses. Today hackers have learned that they can make good money from small and mid-sized businesses too. So everyone is vulnerable. Take precautions to keep your systems safe.

Are you looking for experts who can help you mitigate the risks for ransomware? At Cleartech Group, we have built a reputation for providing premium technical support. Over the years, we have gathered a lot of experience and a strong security team. Contact us today at (978) 466-1938 or reach out online. Our experts are ready to help you.