A small school district in Massachusetts was the target of a ransomware attack last month which resulted in a $10,000 bitcoin payment to anonymous cyber extortionists.
The attack, which locked all of the Leominster Public School District’s computers, was carried out by a party demanding a payment to return the computer system to normal. Paula Deacon, the school district’s superintendent, was notified of the hack on April 14.
“They didn’t have a clean offsite backup,” said Leominster Interim Police Chief Michael Goldman in an interview with ABC News. “This happened and the school system was not locked down as they should have been.”
Cybersecurity experts often recommend up-to-date, offsite backups of computer systems as the best defense against ransomware. If a ransomware target is locked out of one system, a backup would allow them to immediately move their operations to a new server and continue normally.
Leominster officials also notified the FBI of the attack. In most ransomware cases, federal law enforcement agencies advise against paying the ransom. This is to deter criminals from trying in the first place, but also because even after a ransom is paid, there is no guarantee that the cyber attackers have truly left.
The ransom was paid on April 20, coming out of the City of Leominster’s general fund, Mayor Dean J. Mazzarella told the Worcester Telegram & Gazette. According to officials, access to most of the school district’s computers was restored following the ransom payment.
The attack comes amid an increase of ransomware attacks worldwide. Last summer, a ransomware attack nicknamed WannaCry crippled computer systems across Ukraine before spreading to over 150 countries. In March, municipal functions in the City of Atlanta ground to a halt after a ransomware attack targeted city computers.