The computer system of one of the most university districts in the country was hacked by a criminal group who encrypted the school district’s data and demanded a ransom of $40 million, otherwise it would delete these files and post personal information of students and employees online .
Broward County Public Schools said in a statement on Thursday that there is no indication that any personal information has been stolen, nor has it extorted payment from ransomware gangs. As an obvious pressure strategy of the ransomware gang, last week a screenshot of online negotiations with the region was released to its website on the dark web.
Florida’s second largest city decides to pay ransomware hackers
The area headquartered in Fort Lauderdale said it is working with cybersecurity experts to “investigate the incident and repair the affected systems. Work to restore all systems is ongoing and progressing smoothly. We have no intention of paying the ransom.” According to the hacker’s screenshot, The district was indeed willing to pay $500,000 after two weeks of round trips, by which time the ransomware criminals had clearly concluded negotiations.
The region declined to comment further beyond its statement. Broward has 271
RANSOMWARE is the “Best Seller” on the underground hacker forum
The Conti group stated at the beginning of the negotiations with the district officials: “This may be a large sum for you.” The official’s name did not appear in the screenshots and was not released. Its data locking malware is one of the 10 most popular viruses in ransomware.
“This is a public school district,” Broward negotiator replied. “You can’t think we have anything to approach!” It is not clear whether the representative is a regional employee or is usually a hired ransomware negotiator.
The FBI usually investigates such attacks, but said Thursday that it would not confirm whether it is investigating the attack.
In the past three years, the prevalence of ransomware attacks has plagued government agencies, businesses and individuals. Most are Russian-speaking gangs in Eastern Europe and enjoy the sanctuary of a tolerant government. More sophisticated organizations will determine their targets in advance, infect the network through phishing or other means, and often steal data when they plant malware that can encrypt the victim’s network.
Pensacola hit rate caused by Lançois attack
After the ransomware is activated, criminals will ask for money to unlock the malware and avoid publishing or selling stolen data. For the company, the data may be a trade secret. For retailers or government agencies, it might be a social security number, bank account number, and birthday. Conti claimed that it was stolen from Broward’s social security numbers, birthdays and other student and employee information.
Public school districts have been the target of ransomware attacks. Baltimore County, Maryland; Fairfax County, Virginia; Hartford, Connecticut; and Fort Worth, Texas were the hot lists last year. The Cybersecurity and Infrastructure Security Agency (Cyber In December of last year, it said that K-12 schools accounted for 57% of all attacks reported in August and September, and 28% from January to July.
Florida City was forced to pay 460G of RANSOMWARE to fire IT manager after attack
Brett Callow, an analyst at cybersecurity company Emsisoft, said that overall, ransomware attacks disrupted 1,681 schools, colleges and universities in 2020, and there have been at least 544 cases so far this year. Seven regions have released personal data.
Due to the responsibility and stigma of the victims, many ransomware cases have not been reported. Cybersecurity companies have good data on ransom payments. Part of the reason is that negotiations between victims and hackers are conducted on dark websites. Researchers learn about the information through shared malware samples. Criminals usually Instructions and requirements are left in the ransomware description. Entire sub-sectors have also emerged to help victims deal with emergencies.
According to data from the network security company Palo Alto Networks, the average ransom paid to hacker groups has almost tripled, from US$115,000 in 2019 to US$312,000 in 2020. It said that the highest ransom paid by an organization has doubled from last year to 10 million U.S. dollars, up from 5 million U.S. dollars in 2019.
The City of Florida pays a $600G ransom to hackers in an effort to keep records
In the negotiations between Conti and Broward, after the group initially proposed a $40 million demand, it expressed its willingness to negotiate: it will accept $15 million in Bitcoin, but it must be delivered within 24 hours. Otherwise, it will upload the claimed personal information and permanently lock the computer system. Conte said that legal claims for lost data in the area would exceed $50 million, so it should consider bargaining.
Conte told the region: “Pay 15 million dollars and you can be guaranteed to solve your problem.”
The region insists that it still cannot afford it and cannot use Bitcoin anyway. Ransomware gangs require payment in online currency, as this can be difficult to track.
Conte hinted that it had discovered destructive information about an unnamed royal family in Broward’s database, thereby exacerbating the threat. The accusation made the negotiators in the area feel absurd.
Click here for the FOX News App
The negotiator replied: “What do you mean to the royal family… We are a public school district.”
The negotiations lasted for two weeks, and Kandi finally reduced its demand to 10 million US dollars. The area has a counter offer of $500,000. That is the last screenshot posted.
Emsisoft analyst Carlo said: “Negotiations are bizarre.” “Conti operators are experienced blackmailers, so it’s strange that they don’t seem to know who they are dealing with, and demand that the public school district can never pay this amount. I can’t explain.”