The NY-based Syracuse City School District (SCSD) has found
itself between a rock and a hard place after hesitating to pay cyber criminals a
ransom to unlock its systems.
Ransomware operators struck the schools as early as Monday
last week, leaving the district struggling for seven days now. School
administrators didn’t know why their systems were failing until they learned
they had been infected with ransomware.
A spokesman said an “attack froze the district from accessing
our own systems,” according to local news outlet Syracuse.com. Citing a
source familiar with the matter, the report also reveals that, “the unknown
hackers’ demands keep increasing as the district misses deadlines for payment.”
The SCSD’s insurer is urging administrators to pay the
attackers, but the school district is following the FBI’s standard advice in
ransomware cases — refrain from paying the criminals. The FBI says attackers
grow bolder each time their demands are met and they use the money to finance
new attacks. In any case, they say, there is no guarantee that paying will
yield a decryption key from the hackers.
It is unclear whether the FBI has stepped in to help or the
SCSD is merely taking a page from the
FBI’s booklet on dealing with ransomware.
“An FBI spokeswoman said she could not comment. She said the
FBI does not confirm or deny its involvement in any case,” the report adds.
The district’s insurer is increasingly restless about the damage
it will have to cover in case the ransom is not paid, sources say. A spokesman
said the district had been instructed to keep details under wraps until a forensic
audit is completed.
In recent months, several major cities across the United States have been struck by ransomware. In some cases, like the attack on Baltimore, city officials refused to pay thousands of dollars in ransom only to incur tens of millions of dollars in damages. In other cases, such as in Florida, cities struck by ransomware resorted to paying the hackers for the decryption keys.
Security experts worldwide, not just those employed by the
FBI, agree that ceding to ransomware operators’ demands only fuels the next
wave of ransomware attacks, keeping the bad guys’ business alive. However,
there are instances where experts agree it’s not always possible to respect the
rule of thumb, such as when healthcare systems are affected, potentially
putting lives at risk.