Once again Connecticut, New York and Florida schools are infected with ransomware

The recent wave of ransomware attacks on school districts in various U.S. states does not stop and has claimed new casualties. Digital forensics specialists reported an incident at some schools in Wakulla County, in Florida, where the school district has already met with its insurance company to determine the most appropriate measure.

Robert Pearce, the school district’s superintendent, mentioned that they have been in contact with hackers since the incident was spotted. “After infection the attackers contacted us to inform us about the situation, as well as to set the amount of Bitcoin demanded as a ransom; there are other details that I cannot reveal now, as an investigation is underway,” the superintendent said.

The district’s digital forensics team concluded that hackers did not managed to access students’ personal information; however, the attack shut down some school systems and email servers. “At this moment it is not possible to access all our systems, but operations have not stopped completely,” Pierce added. This is the third ransomware incident in a recently reported school district in Florida.

Nonetheless, bad news is not limited to Florida. The Central School District in Groton, a small town in Connecticut, has disclosed a ransomware infection in its systems that occurred during the past week. During the incident, the records of nearly a thousand students were exposed; compromised personal data include students’ full names, email addresses, dates of birth and school identification numbers.

According to digital forensics specialists, the incident would have begun in November 2018 due to unauthorized access to one of the school district’s storage systems, which stopped receiving support and updates nearly 4 years ago. On this occasion, it was the FBI to notify Groton school authorities of the incident.

People from the small town Wolcott have reportedly been hardest hit by this incident, as authorities are continuing to investigate the attack that completely shut down access to the district’s school systems. “Our school systems were attacked, a team of digital forensics experts is working to regain access to the systems,” said Thomas Dunn, Mayor of Wolcott.

Finally, last June 13 users detected that the ransomware had blocked access to multiple storage systems. The incident forced authorities to shut down all computer systems in the district for more than a week.

Experts from the International Institute of Cyber Security (IICS) recently reported multiple similar incidents affecting school districts in other U.S. territories, mainly in New York and Louisiana, where it was even decreed, for the first time, an information security emergency estate, which allowed local authorities to obtain the resources needed to begin their data recovery process.

In other cases, such as Riviera Beach in Florida, local authorities decided to set a payment with the attackers and regain access to their systems immediately, as they considered the recovery process, in addition to being too costly, to be too slow.