In a highly unusual hacking case, an entire school district in Montana shut down for three days following a data breach of student and faculty records. Investigators say that parents received "extremely graphic threats via text messages" and that hackers sent the school board a ransom note demanding bitcoin payments in exchange for the destruction of hacked data.
The Flathead County Sheriff's department released a statement on Facebook yesterday that included six pages of the ransom note from hackers going by the name TheDarkOverlord Solutions. From Thursday through Monday local time, classes and extracurricular activities for the 15,700 students of Columbia Falls School District were cancelled. Authorities recommended that the schools return to business as usual on Tuesday, saying that they believed citizens were safe and those believed to be responsible for the threats "have frequently failed to live up to their promises to not release the stolen data in the past, even when their ransom demands have been met".
TheDarkOverlord Solutions is a name that has been used by hackers in connection with recent high profile ransom-based attacks on Netflix and America's ABC. No evidence has been released that confirms the same group is actually behind all of these incidents. Flathead County Sheriff Chuck Curry told reporters yesterday that authorities believe whoever is responsible for the threats is based outside the US. It appears that part of the reason for the suspension of school activities was threats of violence, something that is fairly abnormal in hacking cases. Police brought in the FBI over the weekend for help after failing to identify a local suspect.
According to the Flathead Beacon:
The letters are targeting Columbia Falls after the hackers successfully infiltrated the school district's server. The suspects, described as skilled computer hackers who have concealed their location through highly sophisticated means, infiltrated the school district server last week and obtained information about past and present students, parents and staff members, including names, medical records and addresses.
Over the weekend, the individual began sending extremely graphic threats via text messages to specific individuals. The entire server and communication system was shut down temporarily.
No details of what was included in the threatening text messages have been released to the public. The ransom note released by police included the usual troll-ish taunting that hackers commonly use in these situations. The message also contained several references to the 2012 Sandy Hook Elementary School shooting and redacted passages that were allegedly personal information about students obtained from the server breach. The hackers threatened to reveal embarrassing details about authorities' incompetence if their demands aren't met.
"We are savage creatures who do not discriminate," the hackers wrote. "We prefer to prey upon the likes of institutions such as your own, but not because we have anything against children, but rather for much more interesting reasons which you will soon come to understand."
Three options for payment were outlined: $US75,000 ($93,600) in bitcoin paid promptly, $US100,000 ($124,801) in bitcoin if an unnamed person writes an embarrassing five-page essay, or $US150,000 ($187,201) in bitcoin to be paid in monthly installments over a year.
Speaking with NBC News, Whitefish Police Chief Bill Dial said that the hackers were also able to access the Columbia Falls School District's security cameras. According to Dial, the suspect is believed to be of British origin and located somewhere in Europe. This person is on an international watchlist and is not allowed to enter the United States.
The suspects' travel issues make any threats of violence a moot point. Reporters for the Flathead Beacon spoke to a person that claims to be behind the attacks over the weekend. According to the report, "the individual said on multiple occasions in various ways that he or she intended to kill people in large numbers," and they bombastically added, "If you know anything about military weapons … it should scare your region." What violent attacks, military weapons, and hacked data have to do with each other is anyone's guess.
"I am 100 per cent confident there is no threat. It was all a ruse," Police Chief Dial told reporters on Monday. "I don't want to belabor this point. I want to make sure you people know everything that I know except for a couple of things."
While the threats may end up amounting to nothing, parents and faculty are still left trying to explain to thousands of young kids what is going on. The situation amounts to a new kind of terrorism that goes beyond poking at wealthy corporations and powerful politicians. And with poor electronic security, local governments may have to get used to it.