Horry County Schools approves paying computer virus ransom

Horry County School Board cancels original new school building plan (Image 1)

CONWAY, SC (WBTW) – The Horry County school system remains locked out of several servers after a ransom computer virus got into the system last week.

Charles Hucks is the executive director of technology for Horry County Schools, he’s had non-stop 20 hour days this past week to try to restore locked up data. The virus was discovered last Monday. Servers were immediately shut down to stop the malware from spreading further, and that did interrupt some online services.

Hucks says HCS was not targeted to gain access to data, but a high-level encryption was used to lock up the data on the schools’ servers.  As far as they can tell, nothing was stolen or removed, and staff and student information is safe.

Hucks says they have been able to back up most of the lost data, but 25 servers with information for elementary schools are still encrypted with no way to get in.

“And the only way we’ll get it back is to pay,” said Hucks.

Administrators approved an $8,500 ransom to unlock the servers, but they’ve had trouble making the payment. Hucks says the ransom had to be paid in Bitcoins, but purchasing them is more difficult than going to your local bank.

The digital currency is available online from dealers in the U.S. and abroad; so they are being careful who they make a purchase from.

“In the next few days we should know. We’re going server by server, back up by back up, to see exactly what we have and the time that it takes to back up, so that will be a business decision,” said Hucks.

Hucks says they’re willing to pay because it’s a small amount compared to the man hours already lost trying to solve the problem.

Even if the ransom is paid, and the data restored, there’s no guaranteed way to stop the same kind of thing from happening again, although Hucks says a repeat attack is highly unlikely.

“From what we know from this variant, it does not have a component that sticks around. That is not typically the objective of these types of malware,” said Hucks.

Hucks says beyond looking for anomalies and keeping software patches up to date there is simply no guarantee there’s not a virus still lurking.

“That’s most technology management folks worst nightmare is, for there to be something in the network and you don’t know it’s there,” he said.

Hucks says viruses and malware are more and more common, so they are stepping up their security.

“External visibility of servers and access and account level changes,” are areas he’s looking to improve security.

Horry County Schools was even investigating the possibility of hiring an outside security provider a month before the attack, they were just waiting for an official proposal when hit. The school system did reach out to SLED and the FBI, but Hucks says there is simply no way to determine where the attack came from.

Hucks believes the breach occurred in an older server with software that contained out of date applications.

  • https://www.securecybersolution.com/horry-county-schools-approve-paying-computer-virus-ransom-making-payment-problematic/ Horry County Schools approve paying computer #virus ransom; making payment problematic | Secure Cyber Solution

    […] Source: Horry County Schools approve paying computer #virus ransom; making payment problematic […]

    Like

  • https://securityledger.com/2016/02/its-time-to-stop-ransomware-shaming/ It's Time To Stop Ransomware Shaming! | The Security Ledger

    […] based support for victims to facilitate rapid payment. That’s no accident. Recent stories such as this one suggest that the biggest obstacle to resolving infections, for victim organizations, is figuring […]

    Like

  • http://www.digitaltrends.com/computing/hospitals-schools-churches-are-targeted-in-string-of-ransomware-attacks/ Ransomware Attacks Spread Like Wildfire Internationally | Digital Trends

    […] demanded $8,500, again in Bitcoin, to restore access to the files. The schools’ administration has approved the payment of the ransom and it’s now setting out to buy up some Bitcoin to pay off the […]

    Like

  • http://blog.musicas.site/2016/03/07/primeiro-malware-que-sequestra-macs-foi-distribuido-em-cliente-de-bittorrent/ Primeiro malware que sequestra Macs foi distribuído em cliente de BitTorrent – Blog Músicas.Site

    […] hospital de Hollywood, o departamento de saúde de Los Angeles, e uma escola na Carolina do Sul (EUA). Esse tipo de malware vem surgindo há anos no Windows e Android, e agora se espalhou para o OS […]

    Like

  • https://www.neoscopeit.com/cybercrime-law-firms-business-risk Cybercrime and Law Firms - is your Business at Risk? - Neoscope Technology Solutions

    […] pay a hefty ransom to regain access. Educators in South Carolina learned this the hard way when the Horry County School District was locked out of its own systems. The district paid hackers thousands of dollars in Bitcoin to regain access. If you have data that […]

    Like

  • https://blog.varonis.com/how-has-ransomware-impacted-the-us-government/ How has Ransomware Impacted the US Government?

    […] another district paid the $8,500 ransom because more than 40,000 teachers and students relied on the servers and thought […]

    Like

blog comments powered by Disqus