The hackers who tried to extort Broward County Public Schools for millions early this month are a tight-knit crew of ransomware scammers tied to nearly 300 attacks over the last five months, according to security experts.
Conti, as the group is known, first appeared near the tail end of 2020, said Chester Wisniewski, a principal research scientist at Sophos, a global cyber-security company that monitors ransomware threats.
The group, Wisniewski said, has set its sights on local governments, hospitals and now school districts. They pick the targets, he said, because security systems are often weak, overlooked and underfunded.
Wisniewski said Conti is a relatively new group among a dozen or so “big game hunter” crews in the ransomware underworld that collect million-dollar payouts by marshaling coordinated attacks on businesses and organizations.
Most crews, he said, operate out of Russia or nearby countries that don’t extradite criminals to the U.S.
After getting individuals within their target companies or organizations to allow them access into systems through spam emails, fake websites or other tricks, they set about gathering sensitive data like Social Security numbers, dates of birth and financial records and holding them hostage until a ransom is paid.
Often ransoms are paid in Bitcoin, a cyber currency that Wisniewski said can be quickly laundered into other cryptocurrencies that are hard to trace.
In February, the FBI reported that over $144 million in Bitcoin was paid out in ransoms between 2013 and 2019.
Wisniewski said ransomware attacks have been around since the 1990s but they have become more sophisticated and gone after bigger and bigger targets since 2013.
A national cyber task force made up of 15 government agencies investigates the attacks in the U.S., according to the FBI. The task force particularly focuses on attacks on networks that belong to hospitals, local governments, municipalities, and police and fire departments.
“These types of attacks can delay first responders in responding to emergencies or prevent a hospital from accessing lifesaving equipment,” an FBI release said in February. “It is imperative these organizations be prepared…