Crypto Ransomware Paralyzes California School District
A crypto ransomware attack shut down the Mountain View-Los Altos school district servers and phone system on Wednesday. The malicious software demanded Bitcoin as ransom to restore service.
By shutting down file access on the district’s servers, the
crypto ransomware has created tremendous problems for teachers and administrators. Many classroom activities such as exams and presentations have had to be halted. Additionally, fraudulent activity on district credit cards has taken place, which is believed to be tied to the attack.
Whether or not sensitive student data has been compromised remains unknown.
The software involved, known as Sodinokibi, likely comes from Russia or China. It emerged in 2019 and has since proliferated across the globe. For example, in January this malware hit the London-based Travelex
exchange company, demanding USD $6 million in crypto.
The Mountain View-Los Altos administration is seeking help from Kroll, a cyber security company, but states that the system will likely be offline when school resumes on Monday morning. It promises to give regular updates on Facebook and Twitter.
While ransomware is not new, it is appearing more frequently as its profitability continues to rise. Hackers are especially interested in attacking governments and large businesses, as these institutions are most likely to pay large sums quickly to have their networks restored. For example, a recent attack on the New Orleans, Louisiana computer system has cost the city USD $7 Million.
There is no question that the increasing adoption of cryptocurrency is serving as a catalyst for these attacks. Its borderless and anonymous architecture makes it the perfect payment method for digital ransom.
Resolving this growing problem will not be easy. An entire network can quickly become infected if one user merely opens a malicious email attachment or runs an infected app. Compounding this problem is the fact that institutions such as cities and school districts tend to have older machines that are not kept up-to-date with the latest protective software.
It is not surprising that insurance companies are now offering policies to protect against ransomware attacks. New Orleans, which has such a policy, will recoup USD $3 million of its lost funds. Also, law enforcement is becoming increasingly educated on cryptocurrency and
blockchain technology to better understand this new threat.
Although critics of cryptocurrency frequently point to ransomware attacks, it is worth noting that this issue predates the development of blockchain technology. Also, the overwhelming number of cryptocurrency transactions are legal.