Cyber-criminals hit primary school
A BYRON Bay primary school has become the latest victim of a sophisticated cyber crime in which its server was digitally "kidnapped" and held for ransom.
Two weeks ago Byron Community Primary School's server was hacked. All data became inaccessible and vital daily tasks such as updating rolls, recording financial transactions, and entering health records were impossible.
Two days later they received an email in broken English demanding $5000 in exchange for their data.
Hilariously, the ransom note included "testimonials" from former victims recounting the good conduct of the extortionists in returning their data once ransom had been paid.
Attempts by the school's IT staff to remove the software or access data were unsuccessful. The school also contacted the NSW Police, Federal Police, and Google's legal department.
"They said 'good luck, we're aware of it, but there's nothing we can really do to help'," school finance manager Frank Binkley said.
Although some hard drive data has been recovered, crucial files are still in limbo.
Mr Binkley said the school did have an onsite backup, but it was encrypted as well. From now on they will be backing up both with a third-party cloud server and off site.
"There's a really big important message out there for small businesses - make sure you have off-site data backup," Mr Binkley said.
IT administrator and "anti-hacker" Liam Dufty said cyber crime was a problem getting "exponentially" worse - at least 30% of his business is now spent assisting victims of cyber crime.
"It's a big business - I'm noticing it a lot more and it's not easy to keep up with."
Mr Dufty said the encryption software was the latest variant of a program he'd seen evolving since 2009, and a trace indicated the hackers were operating in Russia or Ukraine.
"It's rife over there, they're poor but they've got the expertise," he said.
He strongly recommended that businesses and individuals keep their computers up to date with the latest Windows updates, use good anti-virus software, ask their internet provider to 'firewall' their data, and triple back up their data - offsite, onsite, and with a third party.