Silence of the Lambs: How Ransomware Attacks on Schools Are Targeting the Young

Leaking private data to embarrass victims into paying a ransom is probably the least organizations should expect from ransomware criminals in 2023.

Looking back over the last decade, it’s surprising criminals didn’t think of this tactic earlier. Encrypting files is hugely inconvenient but at least these can usually be restored with some effort.

At some point, it dawned on ransomware groups that the real prize was the data in the files and not the files themselves. This realization has had far-reaching consequences in ways that have transformed the nature of modern cybercrime. Unlike the effects of file encryption, stolen data has a long shelf life and, once taken, can’t be retrieved. Data loss is forever.

These potentially serious long-term effects of data loss were brought into focus by the aftermath of the upsetting ransomware attack on Minneapolis Public Schools (MPS) by the Medusa ransomware group in February.

During that incident, Medusa published a slickly produced 51-minute video to showcase the nature of the sensitive data they’d stolen, the first time this tactic has been used. According to someone who watched the video, the haul comprised 300,000 files, including student records going back to 1995, parental contacts, addresses, grades achieved, payroll data, and building layouts.

But that wasn’t all. According to a recent report by AP, the cache also included data on “sexual assaults, psychiatric hospitalizations, abusive parents, truancy—even suicide attempts.”

That’s in addition to health information and details of disciplinary steps against students. AP’s analysis offers an important glimpse into the effect this incident had on some of its young victims:

“‘Please do something,’ begged a student in one leaked file, recalling the trauma of continually bumping into an ex-abuser at a school in Minneapolis. Other victims talked about wetting the bed or crying themselves to sleep.”

The data was ostensibly released because MPS refused to pay the $1 million ransom demand made by Medusa shortly after the attack, although there is no evidence paying would have made any difference.

In the Crosshairs

This incident is only the latest in an increasingly sophisticated targeting of schools in the United States and beyond. Others include a January attack on Des Moines Public Schools and the Vice Society’s campaign targeting schools last fall.

According to figures from Comparitech, there were at least 65 attacks against U.S. schools and colleges during 2022, affecting 1,435 institutions serving 1 million students. The figures for 2023 so far have added another 37 attacks to that total.

How much did all this cost a sector not noted for being flush with money? Unfortunately, it’s hard to tell. Schools remain reluctant to discuss their experiences, especially when a ransom has been paid.

Governments have become increasingly concerned with controlling the negative effects of digital media on young people, especially the distribution of child sexual abuse material (CSAM).

All very laudable, but damage is also being done through ransomware data breaches in ways that could haunt the victims for decades to come. Ransomware is not always just about money and convenience; people’s lives are also at stake.
