While many youngsters enjoy it when their school shuts down, this was likely not the case in Flathead Valley, Montana, where the cybercriminal group ‘TheDarkOverlord Solutions’ targeted the entire Columbia Falls school district. This attack caused the three-day closure and otherwise disrupted over 30 schools, and the personal information of teachers, students, and school administrators was supposedly to be released if the group didn’t receive a ransom payment.
Furthermore, and more alarmingly, parents received reportedly graphic death threats against their children from the group. These threats alluded to an infamous, and still painfully recent, school shooting. This is the first time that TheDarkOverlord Solutions have gone to these lengths as far as is known.
The district server for Columbia Falls was ultimately targeted; records detailing the addresses, medical history, behavioral history, and other pieces of information valuable to cybercriminals were accessed that detailed the personal data of current and former students, their parents, and the school’s staff members. As a result, the 30 schools closed (as referenced above) and weekend events and activities were cancelled. With a heightened security presence, students returned to classes on Tuesday, September 19th.
TheDarkOverlord is no stranger to the news, or to targeting vulnerable individuals. In July of 2017, there was an online sale for a tantalizing data set that would allow cybercriminals to leverage information harvested from healthcare providers, just weeks after putting almost nine and a half million records for sale. These records came from a clinic, a healthcare provider, and a health insurance provider.
Somewhat less threateningly, the same group also took credit for releasing the fifth season of the Netflix hit series Orange is the New Black before its official release date, despite receiving about $50,000 worth of cryptocurrency in ransom from an audio post-production studio.
This piece of history shows why the Columbia Falls school district is right in their decision to not pay the ransom, as it in no way guarantees that the cybercriminal (or group) responsible will hold up their end of the bargain. Even if they do, it only proves that the victims are willing to pay, designating themselves as the perfect target for repeated attacks.
The key to your safety is to ensure your data is secure against the entire spectrum of threats. NTConnections can help you to do so. Call us at (703) 288-9767 to get started.