Two Michigan Schools Fall Victim to Ransomware Attack

Two Michigan Schools Fall Victim to Ransomware Attack

Colin Thierry Colin Thierry
Published on: November 22, 2022
Two Michigan Schools Fall Victim to Ransomware Attack

Two schools in Jackson County, Mich. had their system compromised by hackers last week in a ransomware attack, forcing them to shut down in order to contain the damage.

While other industries, like the healthcare industry, seem more susceptible to ransomware attacks, school systems are just as vulnerable, if not more so. Holding up a school for ransom has become pretty common for threat actors over the years, especially since these institutions tend to hold a variety of private information.

“As you are aware, our technology consortium is currently experiencing a systems outage affecting critical operating systems in the district,” said Kevin Oxley, superintendent of the Jackson County Intermediate School District, in an announcement last week. “This outage occurred because we were victims of a ransomware attack detected over the weekend. Immediately upon discovering suspicious activity, we proactively took systems offline in order to contain the incident.

“We have engaged external cybersecurity advisors to investigate and assist in the safe restoration of our systems. We have also notified law enforcement.”

This security incident forced both schools to cancel classes for a couple of days, while administrators advised everyone to refrain from using school-issued devices until the extent of the damage was assessed.

“Providing a high-quality learning environment for our students is our number one priority and we are doing everything in our power to get them back in their classrooms,” said Oxley. “Our investigation remains ongoing. We will provide more information as it becomes available.”

The school district hasn’t yet said which group is responsible for infecting them with the ransomware. That said, there’s always the privacy issue.

Over the past few years, ransomware gangs began to exfiltrate data from compromised systems before locking them up to demand ransom. Then, they would start by threatening to publish stolen information if the victims didn’t pay the ransom.

Source of Article