Hackers hold FCPS information ransom


Image via OneSpan

Fairfax County Public Schools (FCPS) announced on Friday, September 11, 2020 that ransomware was placed on school technology. Ransomware holds information hostage until companies pay large sums of money in exchange for its release. Ransomware cost the United States over $7.5 billion in 2019, according to the White House


FCPS says that they believe this is part of a larger system of international attacks launched by  “cyber criminals.” FCPS is working with the FBI to confront the issue.


The organization responsible published 2% of the data it secured from FCPS, as a warning that they had obtained valuable information. FCPS is the 53rd school district in the country to be targeted by a cyber attack of this nature. This is not exceptionally surprising, considering that FCPS is the 11th largest district in the country, the district of many government employees’ children and that FCPS has recently been publicly brought to the public eye by Secretary of Education Devos. Experts believe that this is part of a larger pattern of attacks on schools and businesses.


Maze ransomware (originally known as “ChaCha ransomware”) claimed responsibility for the attack. Maze is infamous, as it can spread across an organization and encrypt data so that it becomes inaccessible by its owners. What makes Maze particularly difficult to combat is the fact that even if companies restore their information and gain access to it again, the malware has already made a copy of the information, meaning MAZE can still sell and use it. Maze has released information from a Brazilian government website, companies like Canon and patient records from hospitals.


“At this time, our investigation of the issue is ongoing and we are working diligently to determine the impact of this incident on FCPS data,” FCPS said in a statement.


FCPS’ technology chief stepped down after massive problems with virtual learning in the spring, including online classrooms being overtaken by disruptors. The county reports that these attacks have not impacted virtual learning.