Cyber-criminals behind a cyber-attack on a Florida school district are demanding a ransom payment of $40m in cryptocurrency.
The computer system of Broward County Public Schools was compromised at the beginning of March by data-locking ransomware in a Conti gang operation. The attack caused a system shutdown but left classes undisturbed.
Broward is the sixth-largest school district in the United States with 271,000 students and an annual budget of around $4bn.
The district, which is based in Fort Lauderdale, negotiated with the ransomware gang for two weeks. Conti initially said it would accept $15m in Bitcoin if the district paid up within 24 hours.
But the ransomware gang reportedly ended communications with its victim after rejecting the district's offer to pay $500k.
Screenshots of the negotiations posted to the gang's dark website appear to show Conti telling a district official that the $40m ransom "is a possible amount for you."
The Broward negotiator replied: “This is a PUBLIC school district. You cannot possibly think we have anything close to this!”
Conti claimed to have stolen personal information belonging to the district and threatened to make the data public. But Broward County Public Schools said in a statement Thursday: “We have no evidence that any individuals’ personal information has been accessed or removed from our network or compromised in any way.”
Cybersecurity experts are currently working with the district to investigate the incident and remediate affected systems.
"Efforts to restore all systems are underway and progressing well. We have no intention of paying a ransom,” said a spokesperson for the district.
Broward County joins a growing list of public school districts victimized by ransomware. In 2020, the districts of Fairfax County, Virginia; Hartford, Connecticut; Baltimore County, Maryland; and Fort Worth, Texas, were all targeted.
Commenting on the Broward attack, SecPod’s CEO Chandra Basavanna told Infosecurity Magazine: "While there have been numerous attacks targeting education institutions over the last couple of weeks, this specific attack is unique in that its ransom demand was one of the highest ever.
"Given that every major attack sets a precedent for others to emulate, we’ll likely see other threat actors one-up each other beyond what is currently making headlines."