Mansfield ISD hit with ransomware attack

Monday Aug 22nd Mansfield ISD located outside of Dallas,Texas was hit with a cyber attack. Two days later their networks are still down and they are battling with restoring backups. Since the event is still ongoing, the district is reluctant to release any information on the hackers or what they were looking for. "Once the issue was discovered, we immediately notified the appropriate authorities and are working closely with them to resolve the situation. We are working diligently to investigate the source of the disruption, confirm the extent of the impact on our systems, and restore full functionality as quickly and securely as possible. " said MISD Superintendent Dr. Kimberley Cantu in a news release. I'm sure the district is worried that hackers are going to sell student and staff information on the dark web. Those threats would not be unfounded since last September Allen ISD, which resides in a neighboring county,was extorted for 1 million dollars. The threat actors in that case said they were gonna leak private data on their students if the amount was not paid. On advise from security experts, Allen ISD did not pay the ransom. I understand the dilemma to pay or not to pay that is the question. For some small businesses not getting back their data is out of the question. Most of the ransomware cases I've investigated in Texas seem to be pretty determined to not pay ransoms, since they do not want to encourage hackers to come back for more.