A school district in New Jersey is having its computer network held hostage for a 500 bitcoin ransom (worth roughly $125,000), according to the South Jersey Times.
The Swedesboro-Woolwich School District discovered on Saturday morning that communications, online resources, and documents created by staff members were made inaccessible. The district, which is home to almost 2,000 students, was even forced to cancel its computerized PARCC exam.
The local and state police, the FBI, Homeland Security, and the Gloucester County Prosecutor’s Office’s High Tech Crimes Unit are all looking into the matter.
“Certainly any breach of any public computer system, especially a school, is extremely serious and we’re doing everything we can to assist the school district and identify the person or persons responsible,” said Gloucester County prosecutor Sean Dalton.
He said that although the prosecutor’s office has seen incidents of school districts being hacked before, this is the first time that it has been involved in a case involving ransomware.
The school district is receiving volunteer assistance from the Educational Information Resource Center (EIRC) to bring the network back online. It is attempting to restore files which have been encrypted by the ransomware infection.
However, it is unknown when exactly the school district’s computer network will be restored.
Superintendent Terry Van Zoeren said, “There’s basically no tech service happening in Swedesboro-Woolwich right now. Essentially our network has been taken over and has been made non-operational.”
“We are operating as if it’s about 1981 again,” he added.
While it may be difficult to identify the individuals behind the attack, Van Zoeren reassured the press that they will be pursued to the “greatest extent possible”. The investigation is still underway so it is unclear what charges will be pressed.
This is not the first time the FBI has investigated a bitcoin extortion attempt. In June 2014, the FBI busted a “highly sophisticated” botnet used to distribute Cryptolocker ransomware.