Long Island Ransomware Attack: New York School Pays $100,000 -

A Long Island, New York, school district has paid hackers nearly $100,000 to recover data from a Ryuk ransomware attack, according to Newsday, a major newspaper that serves the region.

According to the Newsday report:

The Rockville Centre school district paid almost $100,000 to restore its data after being hacked with a ransomware virus that encrypted files on the school district's server.

The school's insurance policy covered the payment. School officials worked with the insurance carrier to help arrange payment to the hackers. The school has received decryption instructions but the data recovery process is ongoing.

The same ransomware hit a neighboring school district in Mineola, New York. But that district didn't pay the ransom and instead restored data from backups. This virus is designed to encrypt the backup as well, the Mineola school district reported. Fortunately, the district had taken the backup offline over the summer to do some work and officials had a full backup to rebuild the network, the report says.

The New York State Education Department sent a notice to all districts July 31 about a cybersecurity threat reported in four districts: Syracuse, Watertown, Lansing and Rockville Centre. The attack crippled the Syracuse city school district's computer system in July, according to news reports.

As a precaution, The New York State Education Department on July 29 requested that its regional information centers and Big 5 school systems — Buffalo, Rochester, Syracuse, Yonkers and New York City — take the state's data warehouse offline to scan for malware and vulnerabilities.

The Newsday report did not mention whether Rockville Centre had data backups, nor did the report mention whether the school district employs MSSPs (managed security service providers) to safeguard digital assets.

Ryuk Ransomware Also Attacks CSPs, MSPs

Ryuk Ransomware attacks aren't limited to schools. The malware has also hit multiple service providers in recent months. Victims include:

A cloud service provider (CSP) that works closely with MSPs.

Data Resolution, an MSP in California.

Multiple organizations that paid a combined $640,000 in Bitcoin over a two-week span in 2018, according to master MSSP Perch Security.

The FBI and U.S. Department of Homeland Security have repeatedly warned MSPs and their technology platform providers about such attacks.

Amid those challenges, the MSP industry could soon face a “crisis of credibility” if the market doesn’t take major steps to more effectively mitigate ransomware threats, cyberattacks and associated fallout, ChannelE2E and MSSP Alert believe.

In response, MSP software providers and their channel partners are increasingly activating two-factor authentication as a means to stop hackers from entering systems.

Ransomware Continues to Hit Cities, Towns and Government Agencies

Meanwhile, ransomware attacks continue to plague federal, state and local government agencies across the United States.

The fallout so far: Ransomware attacks have hit at least 170 county, city, or state government systems in the United States from 2013 through July 2019. Moreover, 22 of those attacks occurred in the first half of 2019, according to The U.S. Conference of Mayors.

Those mayors have vowed to stop paying ransomware demands from hackers, but those same mayors will need to boost their cybersecurity and business continuity stances in order to ensure they can maintain such a vow.

The most recent attacks have hit these U.S. cities -- along with at least 22 local governments in Texas.