Ransomware has again shut down schools, an increasingly popular target for criminals.
Hartford public schools in Connecticut postponed the first day of classes, Sept. 8, after the city was informed by the Metro Hartford Information Services (MHIS) that ransomware caused critical systems to go down.
Systems infected included those that communicate transportation routes to the city’s bus company. Those systems are necessary for getting children to school. That was one of the principal reasons school was postponed, Hartford Mayor Luke Bronin said in a press conference, broadcast by CBS affiliate WFSB.
The schools reopened on Wednesday after the systems were restored.
“We have been informed by Metro Hartford Information Services…that our critical systems have been restored following the ransomware attack,” the school district said in an announcement Wednesday.
Hartford Mayor Luke Bronin said at the press conference the school district is “often the subject of cyberattacks” but this “was the most extensive and significant attack the city has been subject to in the last five years.”
Bronin said the city’s cybersecurity system “significantly limited the damage of the attack” and that they were not locked out or had information stolen or ransoms demanded.
“To the best of our knowledge, we successfully guarded against that,” he explained.
“We do not believe that any private or personal information was stolen or sensitive financial information was stolen,” he said, adding the city invested $500,000 in 2019 to scan and monitor systems more effectively and isolate viruses.
Of the approximately 300 servers the city has, more than 200 were attacked.
The city does not know who was behind the attack, the mayor said, adding that there was no specific ransom demanded and that they were only asked to “contact a specific email address.”
“Hundreds of schools, from districts to universities, have already been successfully hit with ransomware attacks in 2020 alone,” Adam Laub, General Manager at Stealthbits Technologies, told Fox News.
“Schools…maintain highly sensitive and personally identifiable information from Social Security numbers to medical records, credit card and other financial information – all of which attackers are happy to monetize,” Laub said.