Ransomware cyberattack leaves behind damage on BCPS system

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Baltimore County Public Schools information technology personnel are spending Thanksgiving trying to undo the damage caused by a ransomware cyberattack.Officials discovered the breach late Tuesday night.Computer experts said school systems are becoming a frequent target of cyberattacks. According to anti-malware company Emsisoft, 77 school districts across the country have been impacted by ransomware so far this year, disrupted learning to 1,582 schools, including in Baltimore County.The cyberattack on BCPS may be the work of the Ryuk cartel, an organization that sells ransomware as a service to customers. BCPS officials nor police have confirmed a Ryuk connection.Cybersecurity experts said Ryuk ransomware is commonly used in attacks on the public sector, including school systems.”There’s a whole black market of people out there who are finding vulnerabilities and building exploits and often selling them to the highest bidder, then they are used in these types of attacks,” said Avi Rubin, technical director at the Johns Hopkins University Information Security Institute.The ransomware locks access to data. It took more than two months for two school districts in New Mexico to repair Ryuk ransomware damage.”We are at the end of a marking period. I know other staff are concerned. They’e been on during the evenings, doing grading, report cards. There’s that additional concern,” said Elena Lomicky, a Baltimore County kindergarten teacher.Emsisoft cybersecurity expert Brett Callow does not believe the ransomware got into the school system through an email.”The hackers will likely have gained an initial foothold in the districts network days or even weeks ago. They’ll then have spent time hacking their way deeper into the network so that they can cause the maximum damage when they finally start to encrypt files,” Callow said.Baltimore County has not said whether there is a ransom demand. Experts advise against paying one.”One, is you are rewarding them for this malicious activity. You are also helping to build up their resources to launch further attacks,” Rubin said.Baltimore County already had schools closed through Monday. The school superintendent said Wednesday there is no…

Source…