Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Ransomware holds schools hostage: 'Now give us Bitcoin worth $129k, er, $124k, wait ...'

'It's like being in 1981' says district boss

A New Jersey school district in the US has been held hostage by ransomware that has apparently demanded hundreds of Bitcoins to end the situation.

Teachers, staff and kids in Swedesboro-Woolwich school district have been unable to access their computer files in classrooms as a result of a network-wide security compromise, The South Jersey Times reports. Systems from lunch registers in canteens to email servers have been taken offline.

Located in southwestern New Jersey, the district has at least 1,700 students in four schools in grades K-6 (that's primary or elementary school).

The attack is said to have started on Saturday morning. It sounds as though the malware was able to infiltrate computer after computer, or perhaps central file servers, on the network, encrypt all the data it could find, and then demand money for the decryption keys.

It is likely off-the-shelf ransomware was accidentally installed from a booby-trapped email attachment, and then spread across the whole network encrypting every document it could lay its hands on. Given the reported size of the ransom, though, it's possible the district was specifically targeted by crooks.

"Once discovered, the district took steps to contain the infection and began the process of cleansing and rebuilding," officials wrote on the district's website. After the software nasty attacked PDFs, emails, spreadsheets and more, the schools were "operating like it's 1981," superintendent Terry Van Zoeren said.

"The files affected were mainly Word documents, Excel spreadsheets and PDFs created by staff members," district officials added.

"Data in the student information system as well as other applications is stored offsite on hosted servers, and was not affected by the virus.

"Encrypted files were restored from backup to their original state. Servers were restored to remove any trace of the malware. Email and other systems are being restored as quickly as possible."

The malware demanded 500 Bitcoins, Van Zoeren said, a ransom that becomes a better deal for the schools with each passing day, due the sliding BTC-USD conversion rate. We assume 500 BTC is correct, and the superintendent didn't mean $500 in Bitcoin.

The cryptocurrency has been the favored loot of ransomware miscreants as it can be difficult (but not impossible) to trace. The popularity has waned, however, as the price per BTC has declined.

According to tracking site Coindesk, since the demands were made, the value of 500 BTC has dropped from $129,500 (£87,300) to about $124,000 (£83,592) in a few days. At this rate, if the district can hold out another couple weeks they could get the ransom down to five figures (in dollars) – although the downtime could prove overly costly in many other ways.

In the meantime, however, the South Jersey Times reports that the school district has had to put off scheduled standardized tests while they steam clean the network. The district has also called in the New Jersey State Police and the FBI to investigate the attack. ®

 

Similar topics

TIP US OFF

Send us news


Other stories you might like