It seems that the start of the school year at a New York school should be re-scheduled. According to web application security specialists, an elementary school in Orange County has been the victim of a ransomware attack that prevents its normal operations.
“A cybersecurity threat has significantly impacted operations all around the school district, so the date of the school year beginning will be changed,” mentions an email from the Monroe-Woodbury School District sent to parents last Monday night. In addition, the school will hold an extraordinary meeting with Elsie Rodriguez, the school district’s Superintendent in the coming days.
“We are aware of the difficulties that this change at the beginning of the school year may cause to families whose children attend this school,” the message sent to parents mentioned. “The safety of our students is our top priority, so we consider it necessary to take a little more time to correct this incident,” she says.
The school district is collaborating with a web application security firm to restore compromised systems using daily information backups. “This is part of our regular cybersecurity incident care protocol,” Rodriguez said. Although not explicitly mentioned, it is presumed that the school district will not pay the ransom to hackers.
Although they are not common targets of cyberattacks, this is the fourth time that a school district in the U.S. state tri zone (composed by the states of New York, New Jersey and Pennsylvania) has been the victim of a ransomware attack over the past two months, so this has become a trend that worries the cybersecurity community.
According to web application security specialists from the International Institute of Cyber Security (IICS) a couple of weeks ago a serious encryption malware infection was detected in some school districts on Long Island and Mineola. A third ransomware attack was reported at Rockville Center, in that case, local authorities decided to pay the threat actors nearly $90k USD.