A crypto ransomware attack affected servers in the Mountain View-Los Altos school district in California last week. The attackers used software known as Sodinokibi, which probably comes from Russia or China. A reward was also requested in Bitcoin, without specifying the amount.
Sodinokibi appeared in 2019 and has since proliferated worldwide. For example, in January, the London-based Travelex company was the victim of such a ransomware attack, demanding a $ 6 million cryptocurrency reward.
The California school district announced that, of the approximately 500 computers on the network, about 50 were affected. Most of the teachers lost access to data and documents stored in the cloud. These include courses, exams and presentations. So far, it is not known whether the personal data of the students were compressed or not.
To resolve the incident, the district is working with the cybersecurity company Kroll. The company also has a third party negotiator, which can help negotiate the redemption if it decides to go this route.
Mountain View-Los Altos has cyber security insurance
Prior to the ransomware attack, the district was already upgrading its network. They signed a contract with Portola Systems to help improve network security. Unfortunately, this upgrade was scheduled for the school holiday in February.
“With the upgrade we’re doing right now, we bought a piece of software called Cisco Umbrella that would have prevented this attack. Unfortunately, this cyber security insurance did not prevent this attack ”,
said Mountain View-Los Altos District IT Director.
Although ransomware is not new, it appears more and more often as profitability continues to grow. Hackers are particularly interested in attacking government systems and large companies. These institutions are more willing to pay large amounts quickly to restore their networks. For example, a recent attack on the computer system in New Orleans, Louisiana cost the city $ 7 million.