MARION, Iowa (KCRG) – Leaked screenshots show the Linn-Mar School District is dealing with a ransomware attack much more severe than the “technical difficulties” the district has described to staff and parents.
A staff member shared with TV9 screenshots from district computers showing a warning message stating “all your files have been encrypted by Vice Society”. The warning goes on to threaten to upload those files to the dark web unless the user contacts them to purchase a key within 7 days. The notice does not give the cost of that key.
In email notices sent to staff and parents on Monday, the district has only described “technical difficulties” with its computer network that has prompted it to limit physical access to district buildings for the rest of this week. The note says it is working with “third-party specialists to investigate the source of this disruption, assess its impact on our systems, and to restore full functionality to our systems as soon as possible” and that the district’s network and phone systems are down.
TV9 reached out to Linn-Mar administration Wednesday to confirm the ransomware attack but has not received a response yet. TV9 asked earlier this week if the district was facing a cyber-attack but district spokesperson, Kevin Fry, would not confirm or deny that description, saying only “that’s really all we know at this point.” It also did not respond to a question on whether the district would be ready for the first day of school, which is less than three weeks away.
Ransomware is an increasingly common threat to business and government computer systems in which hackers lock up a computer network and demand a ransom in order for users to regain access to their files. Vice Society is a ransomware gang of hackers that has been involved in several ransomware attacks globally, including the city of Palermo, Italy in June and the Medical University of Innsbruck in Austria last month.
PCRisk.com describes Vice Society as a form of ransomware virus and warns “decryption is impossible if the cyber criminals are not involved” but warns “it is expressly advised against meeting the ransom demands – as victims often do not receive the decryption tools despite paying.”
It’s unclear if this attack is connected or similar to the cyber-attack that hit Cedar Rapids Schools last month, forcing the district to shut down for a week. The district has said law enforcement and lawyers advised it not to give any detail about what happened. It has notified nearly 9,000 current and former staff that their personal data has been exposed in the incident and has said it is still dealing with computer system issues from the attack that may impact the start of the next school year.
Copyright 2022 KCRG. All rights reserved.
Original Source link