UPDATED 19:53 EDT / NOVEMBER 26 2020

SECURITY

Baltimore County schools forced to cancel classes following ransomware attack

The Baltimore County Public School system was forced to cancel classes Wednesday after its computer network was struck by a ransomware attack.

According to local reports, the ransomware disabled the school system’s entire network. The attack struck the network Tuesday night. One parent claimed to have been on a virtual school board meeting at 10:30 p.m. when “the screen just went blue.”

The form of ransomware used in the attack was not disclosed. Officials said only that a ransom payment had been demanded. Local law enforcement and the U.S. Federal Bureau of Investigation have been called in to investigate.

In a case of unfortunate timing, the ransomware attack came as state auditors published a report on Tuesday that found significant risks in the BCPS system computer network. The report found that the network was not being adequately secured and that sensitive personal information was not properly safeguarded, among other issues.

The attack on the BCPS system is not the first time computer networks in Baltimore have been targeted in a ransomware attack. In May 2019, government services in Baltimore were knocked offline for weeks following a Robinhood ransomware attack that spread throughout the city’s network, disabling systems ranging from payment services to police, the Department of Transport and closed-circuit television networks. In that case, those behind the attack demanded a payment of 13 bitcoins, worth $100,000 at the time, for a decryption key.

“The ransomware attack on Baltimore County Public Schools, which resulted in a network interruption that disrupted student learning, proves the education sector remains a lucrative target for cybercriminals and the industry as a whole must consider more progressive security controls as institutions, parents and students adapt to virtual learning,” Mike Riemer, chief security architect at secure access solutions firm Pulse Secure LLC told SiliconANGLE.

James Carder, chief security officer at security intelligence company LogRhythm Inc. noted that school districts continue to be a top target for ransomware attacks, especially during a holiday week when many let their guards down.

“As we have witnessed over the past few months, threat actors are still at large — implementing ransomware attacks to gain control of vital data and bring organizations to their knees,” Carder said. “The increased reliance on e-learning has made schools around the nation, like the Baltimore County Public Schools, an even bigger target of opportunity than before as the stakes are higher and worth more money. The next potential string of attacks could even be against parents of children using these e-learning systems.”

Photo: Baltimore Heritage/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU