Ransomware gang targets Broward County Public Schools, source says

FORT LAUDERDALE, Fla. – Broward County Public Schools was the target of a cybersecurity breach linked to ransomware, a type of malicious software used to threaten to block or publish data unless a ransom is paid, according to a Local 10 News source.

The school district, one of the largest in the country, did not confirm if there was a data breach or demands for cryptocurrency, but employees received a letter from the district implying that there was.

In the letter to employees, a BCPS representative wrote that the service disruption experienced in early March was caused “by unauthorized activity on their computer network.” BCPS also alleged that their core functions were not impacted.

“We have no intention of paying any ransom,” the letter to employees said. “Our investigation is ongoing, and we have no evidence that any individuals’ personal information has been accessed or removed from our network or compromised in any way.”

The FBI does not support paying a ransom in response to the ransomware gangs’ attacks because paying it doesn’t guarantee an organization will get any data back and it perpetuates the incentive.

Horacio Randazzo is the chief technology officer of the Fort Lauderdale-based ABC Technology Group. He has been in the information technology industry for about 25 years.

“I am sure they are in full mode right now; trying to figure out what they can do and how can they better prepare themselves for another incident like this,” Randazzo said.

Hackers can hide ransomware in email attachments, advertising, links, and websites. Randazzo warned there are thieves who are constantly looking for ways to scam others.

“If they have social security numbers for those students, they can do identity theft,” Randazzo said. “It’s an open market. You’ve got someone who is turning 18 now they can exploit.”

Craig Agranoff, the owner of Gripd, a digital marketing firm based out of Boca Raton, said organizations are most easily victimized when there is a lack of cybersecurity training.

“A lot of times these ransomware attacks come through in the most simplest of fashions,” Agranoff said.

The school district has more than 270,000 students and some 15,000 teachers. Agranoff said the parents of those students and the district employees should be concerned about their personal information.

“I would say as a parent, I would be infuriated,” Agranoff said. “I would demand answers.”

A screengrab of the communication between an alleged negotiator with BCPS and the hackers with the Conti gang was being shared on the dark web. The district did not confirm its veracity.