The largest school district in Nevada announced last month that its records had been hacked and that the hacker was holding the records hostage for ransom.
The Clark County School District refused to pay what the criminals were demanding and now some of the records have been released online.
The school district released a statement on Monday, saying it will individually notify those students affected by the release and is “working diligently to determine the full nature and scope of the incident.”
Brett Callow, a threat analyst for cybersecurity company Emsisoft, told the Journal the hacker had sent the county a warning by releasing a file from the district that appeared to be nonsensitive.
But more sensitive files were released last week that included employee Social Security numbers, addresses and retirement papers and student names, grades, birth dates, addresses and the school they attended.
There’s a special place in hell reserved for hackers — even the so-called “whistleblowers.” There’s usually a pretty good reason some information is classified or secret and it’s arrogant to take it upon themselves to determine which information should be released.
That said, this hacker is not a patriot, he’s a crook — a common thief, no different than a burglar who breaks into your home.
But should Clark County schools have paid what the hacker was demanding?
The attacks put targets between a rock and a hard place, forcing them to choose whether to pay hefty ransoms to criminals or to risk people’s personal information being leaked online. Cybersecurity experts and law enforcement agencies — including the FBI — say targets should avoid paying ransom at all costs in order to put hackers out of business.
“Ransomware attacks happen for one reason, and one reason only: they’re profitable,” Callow told Business Insider. “The only way way to stop them is to make them unprofitable, and that means organizations must stop paying ransoms.”
The site that the records were released on is apparently an online hacker forum, no doubt visited by other cybercriminals looking to harvest personal data like social security numbers and bank accounts.
Clark County is not alone. The Miami-Dade school district has been hit multiple times by hackers.
Last week, school officials announced a 16-year-old student had been arrested and charged in connection with several of the attacks. The student, officials said, admitted to orchestrating eight attacks.
The teen’s computer and gaming system were taking into evidence, Miami-Dade Schools Police Chief Edwin Lopez said, adding it’s unclear if the student was working alone.
Officials say they believe there are other attackers. Some of the IP addresses involved in the attacks have been traced back to Russia, Ukraine, China and Iraq, Superintendent Alberto Carvalho said. It’s unclear if there are attackers physically in those countries, but school officials said they’re working with international authorities in their investigations.
Certainly, some of the hackers are teenagers. But it’s likely that organized criminal gangs are mostly responsible for the hacks.
There is an arms race of sorts between hackers and cybersecurity companies — many of them employing former hackers who look to develop software to plug the holes in servers and networks. It’s a losing battle. What’s getting much better is our ability to track the thieves and put them out of business.
That won’t help the kids whose personal information was leaked.