Posted on October 2, 2019 at 5:59 AM
Ransomware attacks have been terrorizing the Internet world in the last few years. Their worrying recurrence has already hit United States’ schools: from January to September 2019, infections involving ransomware have affected 500 American educational institutions, per information from a report by Armor, an online security company.
The firm reported that in its research, it identified ransomware cases at 54 types of learning institutions across America, most of the school districts and colleges. In total, more than 500 schools have been affected by these techniques.
Ransomware attacks involve hackers encrypting the victim’s files and asking for a ransom in exchange for setting them free for the person to have them at his/her disposal again. If the money amount isn’t paid (usually in the form of cryptocurrencies) the cybercriminal threatens to publish compromising material or erase critical information.
The frequency of the attacks has increased over the last couple of weeks, as 15 different school districts covering more than one hundred K-12 schools have been affected at a very untimely time: the start of the school year.
One-third of the 15 total ransomware cases that were reported by Armor were the result of the Ryuk strain, which happens to be among the most active.
The affected school districts are:
- Ava R-I School District in Ava, Missouri
- Wallenpaupack Area School District in Hawley, Pennsylvania
- Mad River Local Schools in Riverside, Ohio
- Papillion-La Vista Comm. Schools in Papillion, Nebraska
- Rockford Public Schools in Rockford, Illinois
- Souderton Area School District in Lansdale, Pennsylvania
- Wakulla County School District in Crawfordville, Florida
- Jackson County School District in Marianna, Florida
- Wyoming Area School District in Exeter, Pennsylvania
- Mobile County School District in Mobile, Alabama
- Houston County Board of Education in Perry, Georgia
- Guthrie Public Schools in Guthrie, Oklahoma
- Smyth County Public Schools in Saint Marion, Virginia
- Northshore School District in Bothell, Washington
All things considered, it was the state of Connecticut the one in which educational institutions were affected the most by attacks of this kind in the first nine months of the year, with seven districts in total.
Louisiana, the Pioneer in the United States in Ransomware Management
However, while Connecticut had the busiest year so far when it comes to ransomware attacks targeting its school districts, the one state which handled them in a better way was Louisiana. A couple of months ago, back in July, Governor John Bel Edwards only needed to see three affected school districts to declare a state of emergency.
That kind of response raised awareness in the community and prompted actions from public and private organizations and response teams. Recovery was achieved just before the school year started, and there was no need to pay the hackers’ ransom and encourage criminal behavior.
It should be said, however, that the Armor research does not specify which school districts paid the ransom and which ones did not, as the data isn’t available.
Reports, however, indicate that the highest demand in the form of a ransom came in Crowder College of Neosho, in the state of Missouri. The cybercriminals asked for the mind-boggling sum of $1.6 million in exchange for decrypting the school district’s systems and files.
Another Research, Similar Results
The Armor research isn’t the only one that tried to unveil more details about this particular form of malware. Emsisoft, an antivirus company, performed an investigation of its own and discovered 62 different ransomware events in American schools in 2019.
The 62 different events occurred at school districts and other educational institutions, with the firm reporting that different ransomware attacks have affected exactly 1,051 individual establishments, including colleges and universities.
Despite both companies reporting different numbers regarding the reach of the ransomware attacks in educational institutions, both coincide with the fact that they have been increasing in recent times.
The K-12 Cybersecurity Resource Center explained that 119 security incidents took place in 2018, and only 11 were of the ransomware variety, a very low number when compared to the 54 and 62 that Armor and Emsisoft reported, respectively.