Posted on 09/16/2020 7:21:08 PM PDT by 11th_VA
FAIRFAX, Va. - Virginias largest school system has been hacked and the attackers are seeking a ransom payment to keep them from disclosing stolen personal information. WRC-TV in Washington reports that the internet hacking group Maze posted some of the data stolen from Fairfax County Public Schools, including student disciplinary records and grades, to prove its hack was successful. The school system confirmed the hack and said it is investigating and working with law enforcement. Unrelated, the school system reported it experienced technical difficulties Friday as students completed the first week of online schooling.
(Excerpt) Read more at google.com ...
Hunt them down. Kill them. Then kill them again, just to make sure.
Read the last paragraph of the below article to know there is a China connection.
https://www.cyberscoop.com/maze-ransomware-law-firms-fbi/
“school system blamed the problems on internet provider Verizon, but Verizon said it did not experience any service outages.”
Did nigerian princes offer to help?/s
One other note:
When you rely on dumb people to protect your network, you get hacked.
Often, it hurts.
Baltimore is only 50 miles away. They had to have heard how the same hack held the city hostage for months and it cost them tens of millions of dollars because they wouldnt spend something like $50,000 to protect their system.
Capital punishmnet for hackers.
Will sentence the whole hacker group if there is any doubt or they blame each other. Doesnt matter to me.
If they only listened to Rush Limbaugh.
With what I think I know about Fairfax County, I feel certain they had all the right diversity boxes checked in their hiring, so they had the important stuff covered.
Ping for your amusement.
I’ve received two recorded telephone calls over the past week, claiming to be calling from the Social Security Administration and asserting that my SS number has been ‘suspended’.
(I had been feeling left out because I hadn’t received a Nigerian scam email in years; but I did receive one from someone who claimed to be Iranian...)
My 2 older brothers and sister plus myself graduated from that system way before computer records.
Singapore is mentioned in the article as another location where Maze-related servers have popped up. Yeah, there are still Chinese involved but a different group. Competing groups of illegal service providers to hackers? I wouldn’t put it past them.
How about taking a standard product and services performance liability approach instead of making the company owning the data bear all the risk?
This could be accomplished by structuring software purchase rental agreements to make the software developer assume the hacking prevention risk by certifying that their software is properly designed and rigorously tested and routinely updated against hacking.
Ditto for the contracted IT services provider. Let them certify proper installation and maintenance of the systems including the anti-hacking software.
Split the risk between them if necessary.
Then back the whole thing up with an loss-prevention policy with a suitably large insurance company that will deal with the ransom demands if the software and/or system is hacked.
Of course, that insurance company is not going to like paying off and will go after the software and IT services companies to recover any payouts. I expect the prospect of profit-draining and reputation damaging very expensive lawsuits will kick-up due diligence efforts of the responsible parties.
Pardon my ignorance if these risk offsetting measures are already being taken. I have never read about anything like them in the reporting on any of the IT ransom ware scandals.
Awesome! Release the data!!!
This one is different type. They are holding the data for ransom. In the baltimore event they locked all the files with encrption rendering the systems unusable. This is more like someone steals the data and then threatens to release it if they don’t pay.
To hell with the hackers; advise and apologize to the students and parents, then tell the hackers to release the data.
The good students have nothing to fear and the bad students don’t give a sh!t.
That might make an interesting movie. A private force hunting them down around the world and removing them permanently from society.
I like that idea!
Take the profit out of their black-mail scheme, reply with “Frankly my dear, I don’t give a damn”.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.