Middlesex County Public Schools (MCPS) has confirmed that there has been a “ransomware” attack on the schools’ IT system, reportedly by unknown cyber-criminals.
A ransomware attack is when data gets encrypted and is inaccessible by the owner. The attacker demands a monetary ransom to release the data back to the owner.
The cybersecurity organization BetterCyber said last week that the Akira ransomware group claimed on the “dark web” to have hacked the MCPS website, allegedly stealing 543 gigabytes (GB) of its data.
This is the second ransomware attack on a Virginia public school in recent months. Franklin County Public Schools (FCPS) was a victim of an attack which forced the closing of the school May 15, while a team worked to address the issue.
FCPS officials stated students were back in school on May 16 and no ransom was paid to the cyber attackers.
Dr. Seitz said last week that the school system does have insurance in the event that MCPS has to pay the ransom.
Middlesex County Administrator Matt Walker confirmed that the county and school system have insurance. Walker said that the county has been very concerned about a ransomware attack on its system.
He said that the county, from time to time, sends out fake emails to county employees and supervisors to see if anyone clicks it. Hackers infiltrate an IT system by getting someone to click on a site that contains a virus that causes data to get encrypted (unreadable and unretrievable), unless a ransom is paid.
“We tell everyone on our staff and boards that unless you are sure the email you received is from the person you know sent it, do not click it on,” said Walker.
The Sentinel reached out to Seitz on Monday, June 5 for an update on the matter. She indicated there was no update. “The incident response team that we have gotten together is still working on the situation along with law enforcement officials,” she said.
