Conti Ransomware Gang Demanded $40 Million from Broward County Schools

Posted on by Dawna M. Roberts in News April 19, 2021
https://content.infopay.net/storage/thumbnails/oqpLhSaN4AJRaNgM1lvrzMyUFD9ZLhT4SACwTG4y.jpg

You cannot turn on the news these days without hearing about another ransomware attack. Last week, the Conti ransomware gang targeted the Broward County Public Schools and demanded a shocking $40 million ransom.

Why Broward County?


Broward County Public Schools is massive. It is the sixth largest in the nation and the second-largest school district in Florida. Large equals money which is why the Conti gang targeted them. They operate on an annual budget of $4 billion and serve 261,000 underaged students along with 110,000 adult students. 

The hackers encrypted the school’s systems weeks ago and then threatened to expose personal information for students, teachers, and employees. The schools announced to parents on March 7 that they were experiencing a computer outage, but clearly, it was much more severe than that.

The story was first covered by DataBreaches.net, who disclosed that among the stolen information were student social security numbers, names, birthdates, and home addresses for staff and students. All of this is very dangerous in the hands of cybercriminals. Anyone included in that mix could become the victim of identity theft or fraud. 

Databreaches.net reported that “Earlier this month, Broward County Schools disclosed a cyberattack that sounded pretty serious. But there did not seem to be any follow-up in the media or on their website to explain exactly what had happened and with what impact. Broward County Public Schools Now threat actors have leaked what appear to be ransom negotiations with the district.”

How Has Broward County Responded?

According to SC Magazine “Broward County Public Schools Thursday released a statement saying it hired a cybersecurity firm to investigate and remediate the attack. The district also said it did not intend to pay the ransom and underscored that it was “not aware of any student or employee personal data that has been compromised as a result of the incident.”

The hackers posted a message revealing that they were willing to negotiate the ransom, “The good news is that we are businessmen,” the text message from the hackers said. “We want to receive ransom for everything that needs to be kept secret, and don’t want to ruin your reputation. The amount at which we are ready to meet you and keep everything as collateral is $40,000,000.”

After a few back-and-forth negotiations, they lowered the figure to $10 million, still an outrageous sum of money. 

Education Hit Hard

Along with Broward County Public Schools, various other educational institutions were hit with similar attacks. Some of the victims include the University of Maryland, Baltimore Campus (UMBC); the University of California, Merced; the University of Colorado; and the University of Miami. Reports claim that the Clop ransomware gang was responsible for most of these attacks. 

Threat assessors have discovered that many of these attacks trace back to an Accellion FTA breach and have spider webbed out to its associates and customers. 

The University of Utah suffered an attack and paid a ransom of more than $450,000 to protect the privacy of those involved. Michigan State, on the other hand, refused to pay hackers any ransom after their attack. 

To Pay or Not to Pay

It’s hard to know which is the best course of action. Some victims feel it’s better to pay the ransom and take the chance that the information may still be at risk. Others refuse to negotiate with terrorists. Officials claim it sets a bad example and only encourages more of these types of attacks.

One thing that is not in question is that schools and corporations need to invest in better security so that these incidents do not keep happening. Hackers are only ramping up more; they aren’t going away. The solution is better security and a focus on the privacy of personal information.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagram’s c... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien” is ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the country, ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% of the... Read More

FREE IDENTITY THREAT SCAN
Scan Your Records for Breaches, Leaks & Exposures!