Berkeley County, WV Schools Hit by Ransomware

    bcr229

    FFL/SOT
    Jul 15, 2011
    1,339
    Inwood, WV
    So, the county IT system was hacked by the Russian group Vice Society and it was completely offline last Friday. So, of course the kids learned nothing because all of their coursework is in Schoology. Tomorrow (Monday) the students are off, teachers and admins are to report two hours late. Unfortunately the emergency systems, alarm bells, comms, etc. all run through whatever got hacked which is why the kids are off.

    I'm hearing at least a week to get everything back up and running. Meanwhile, local stores are selling out of paper and pencils...
     


    steves1911

    Ultimate Member
    Dec 2, 2011
    3,044
    On a hill in Wv
    I'm hearing that student info may have also been compromised. Lots of info on those emergency cards. Shame we have become so reliant on technology it may well become our undoing.
     

    DadOSix

    Ultimate Member
    MDS Supporter
    May 25, 2013
    1,597
    Allegany Co.
    I saw the tech working through this scenario on TikTok or Instagram. As of last I saw, he was waiting til Monday to get a call into Aruba or some such hardware provider.
     

    press1280

    Ultimate Member
    Jun 11, 2010
    7,912
    WV
    My kids go there. And yes the reliance on technology sets us up for doomsday scenarios like this.
    I'm curious how much the ransom is?
     

    bcr229

    FFL/SOT
    Jul 15, 2011
    1,339
    Inwood, WV
    No school today. Teachers/admins report two hours late. Systems that are down as a result of the attack include internal comms/PA, emergency comms and alarms, and HVAC.

    I don't know if they will ever release the amount of ransom requested. Unfortunately, even if the county pays, the thieves still have the data, so they can keep coming back to demand more and more ransom to not release it.
     

    jc1240

    Ultimate Member
    MDS Supporter
    Sep 18, 2013
    14,956
    Westminster, MD
    > So, the county IT system was hacked by the Russian group Vice Society and it was completely offline last Friday. So, of course the kids learned nothing because all of their coursework is in Schoology. Tomorrow (Monday) the students are off, teachers and admins are to report two hours late. Unfortunately the emergency systems, alarm bells, comms, etc. all run through whatever got hacked which is why the kids are off.
    >
    > I'm hearing at least a week to get everything back up and running. Meanwhile, local stores are selling out of paper and pencils...

    I work in IT supporting a hospital. In general we (everyone) rely too much on tech. Ex: a web site used to compute a child's dosage for whatever drug and when it was down, docs would yell "I can't do my job." WTF did docs do before the http protocol or even before computers? Kids never got anything more than Tylenol? Don't get me started on the technological abomination that is Epic (electronic medical record system). That is one giant PoS nightmare to support.

    This is another case - too much reliance on Schoology, Google Classrooms, etc. Paper, pencil, and textbooks are the way to go. Sure, use computers as supplements, but not the entire course matter.
     

    bcr229

    FFL/SOT
    Jul 15, 2011
    1,339
    Inwood, WV
    > I work in IT supporting a hospital. In general we (everyone) rely too much on tech. Ex: a web site used to compute a child's dosage for whatever drug and when it was down, docs would yell "I can't do my job." WTF did docs do before the http protocol or even before computers? Kids never got anything more than Tylenol? Don't get me started on the technological abomination that is Epic (electronic medical record system). That is one giant PoS nightmare to support.
    >
    > This is another case - too much reliance on Schoology, Google Classrooms, etc. Paper, pencil, and textbooks are the way to go. Sure, use computers as supplements, but not the entire course matter.

    If it were just a matter of Schoology being unavailable, the kids would be in school. The heat is off in all the schools because apparently the HVAC is controlled from the same network the hackers took over.
     

    steves1911

    Ultimate Member
    Dec 2, 2011
    3,044
    On a hill in Wv
    It sounds like everything is offline...employees' badges don't work in doors...kids are upset wrestling is canceled. I'm honestly surprised they had staff report without fire alarms working.
     
    May 21, 2017
    2,898
    Gaithersburg, MD
    > It sounds like everything is offline...employees' badges don't work in doors...kids are upset wrestling is canceled. I'm honestly surprised they had staff report without fire alarms working.

    Their IT department likely took everything down to isolate the systems and networks from further hackerage.
     

    Occam

    Not Even ONE Indictment
    MDS Supporter
    Feb 24, 2018
    20,399
    Montgomery County
    > I don't know if they will ever release the amount of ransom requested. Unfortunately, even if the county pays, the thieves still have the data, so they can keep coming back to demand more and more ransom to not release it.

    Just for clarity: these attacks aren't about holding the data ransom (as in, "pay or we'll release it") - it's about having malware encrypt the data on the system so that the legitimate users can't get to it. The ransom part is "pay us or we won't give you the decryption key so you can get back to using your system again." It's like being locked out of your business because the bad guys changed the lock.

    Also: in many cases, paying the ransom doesn't even get you back to being able to access your data/systems - because sometimes bad guys actually lie about what they're going to do after you send money to Russian mobsters!

    Regular offline backups are the only way. There are lots of ways to prevent ransomware from spreading in a system, but it's hard to kill every possible path/method. And there are other ways that data can die, so those backups are everything.
     

    KingClown

    SOmething Witty
    Jul 29, 2020
    1,172
    Deep Blue MD
    > MFA....... that's all it takes to stop 90% of ransomware attacks. Willing to bet it wasn't fully implemented.

    MFA wouldn't necessarily prevent it. It runs in the user's context. You mitigate it somewhat by only giving users access to what they need and nothing else; that way the ransomware is limited.
    And you teach them work computer vs home computer and stop doing stupid shit on your work computer.
    But as far as MFA, the user would put it in and log in and the ransomware would go to work.

    Also, they don't have the data; you would notice all that bandwidth being used on the network. It's just encrypted and you have to pay for the encryption key. Most of the time you get the legit one, because if they never give it the scam stops working, but some don't give it anyway.
    Backups. Offline backups are the only way to really mitigate it. If you don't have 3 backups you don't have backups, and if you don't periodically test those backups you don't have backups.
     

    rifelman

    Active Member
    Aug 7, 2008
    615
    Calvert County
    My daughter is teaching there at the moment. She said they heard 2 million to unlock and the County said no. Also, be prepared to go the rest of the year without any internet. Teachers will create a lesson plan or assignment and display them; students will have to copy them into their notebooks.
     
