Crypto ransomware attacks California school district

A crypto ransomware attack has shut down the servers at the Mountain View-Los Altos school district. The attacker is now demanding money in Bitcoin as a ransom to restore the systems. The crypto ransomware has closed off the file access on the district servers. This has created huge problems for the administrative staff as they are now unable to access important data stored on the servers.

Crypto ransomware attacks school district

Ransomware is a type of cyber attack in which the attacker selects a target device and encrypts critical files on the device. Then, the attacker demands money (usually in crypto) for decrypting these files. The attack is usually triggered by clicking on unknown links or opening emails by unknown people. Currently, one such attack has taken a school district in California as a hostage since Wednesday.

Due to the attack, the schools have stopped many activities such as exams and presentations. Moreover, district credit cars are seeing fraudulent activity that is believed to be caused by the ransomware attack. It is also unknown whether sensitive student data, such as student profiles, has been compromised.

The ransomware is known as Sodinokibi and likely originates from China or Russia. The software was first discovered in 2019, and since then, it has been used in several attacks, such as the malware that hit Travelex exchange.

The district administration has sought out help from cybersecurity firm Kroll. However, the administration revealed that the systems would probably remain offline when school resumes on Monday. The administration would give regular updates through their social media handles. 

Featured image by pixabay.