Massachusetts school district caves to ransomware demand, pays $10,000
Massachusetts school district caves to ransomware demand, pays $10,000

The Leominster, Mass., school district found itself compelled to pay a $10,000 ransom after the district was hit with ransomware.

The attack occurred on April 14, CBS News reported, and effectively knocked out the district offline. Leominster Schools Superintendent Paula Deacon told CBS that the payment was made following the attack and that the district is still waiting for its system to be fully restored.

The Leominster website was still offline as of April 30. School officials do not believe any information was removed from the system.

District officials contacted the local police, who are declining to conduct an investigation claiming that solving the crime is “impossible." When asked by Deacon whether or not the ransom should be paid Interim Leominster Police Chief Michael Goldman he said yes, CBS stated.

Some negotiations were conducted with the malicious actors prior to the ransom being paid.

“Normally we recommend not paying when hit with a ransomware attack as this only feeds the flames for cybercriminals to continue the practice. Your payment becomes an incentive for them to continue working on more advanced attacks. Additionally, paying doesn't necessarily mean you're going to get your data back,” said Dave Packer, vice president of corporate and product marketing at Druva.

Israel Barak, Cybereason's CISO, has previously told SC Media the delay in bringing a business' systems back online after a ransomware attack is one reason to take a chance and pay up, however, this should not be done unless all other avenues of correcting the problem have been explored.

“The key factor should be the alternative ways to restore business operations. If the direct or indirect costs of other alternative ways are significantly higher than paying the ransom, it probably makes more sense to pay the ransom and better prepare for the next attack. In the vast majority of the ransomware cases where data files were encrypted, paying the ransom resulted in restoration of the lost data,” he said.