FBI Investigating Michigan School District Hack

Written by

The Federal Bureau of Investigation and Michigan State Police are investigating a cyber-attack on a Michigan school district.

District administrators at Saginaw Township Community Schools began experiencing IT issues on Sunday following what is believed to have been a ransomware attack on the district's computer network. 

Investigators are in contact with the cyber-criminals behind the attack. It is not yet clear how the threat actors gained access to the network.

“They are communicating almost daily with the hackers to figure out what exactly they want,” said district superintendent Bruce Martin.

WNEM reported that Martin sent an email out to parents in which he stated that malware had been used to encrypt files and lock users out of them. The cyber-thieves behind the attack had then demanded ransom money from the school in exchange for a decryption key.

Sunday's attack did not prevent the school from being able to educate students via remote learning and in-person classes in the days that followed. 

“I think that sent a message that we can overcome this,” said Martin.

However, the attack has had an impact on how lessons have been taught.

"A lot of teachers went 'old school,' with books and paper and pencil," said Martin, who then went on to acknowledge, “It could have been a whole lot worse, but it certainly has been disruptive in an already disruptive year."

Martin said on February 25 that the district's computer systems have now mostly been restored. Investigators are still working to discover the full impact of the cyber-attack and are yet to determine if any personal data was compromised. 

Matt McLalin of the Michigan State Police Cyber Command Center said that paying a ransom to cyber-attackers was not a good move. 

“You pay them the money, they are just going to use that money to continue to make new malware and infect others,” he told ABC News

Offering advice on how to minimize the impact of a ransomware attack, McLalin said: “Keep good back-ups, obviously, good, regular back-ups where you are regularly backing up your data and keep them off-line.”

What’s hot on Infosecurity Magazine?