JACKSON, Mich. (WLNS) – School leaders in Jackson and Hillsdale County said staff are working around the clock to investigate a ransomware attack that locked the district accounts.

Officials with the Jackson Intermediate School District say they found the issue over the weekend.

A cyber security expert said criminals are increasingly going after large organizations because they know these companies can not afford to lose their data.

“When you realize an organization can’t [lose their data,] targeting small businesses, medium businesses and larger organizations, is the norm for ransomware attackers. They essentially overfished the targets,” said MSU Criminal Justice Professor Tom Holt.

Holt said early ransomware attacks focused on people’s home computers.

Hackers would lock access to a victim’s computer and demand a hefty ransom in exchange.
He says what Jackson and Hillsdale school districts are facing tonight is a prime example of changing tactics.

On Sunday night, administrators with the Jackson County Intermediate school district said their technology consortium was suffering systems outages.

By Monday afternoon, those same officials shared the outages were connected to a ransomware attack. Jackson Public Schools, East Jackson Community Schools and Hillsdale Community Schools said they would be closed Tuesday as well for the same reason.

Holt said clean-up will cost time and money. He said a similar attack on the Lansing Board of Water and light in 2016 had a demand of $25,000 – but loses and damages neared $2 million.

“So this not a small problem and depending on the severity of this incident and certainly as its been reported it sounds bad. But until we know, say if any student information was lost or any sensitive information that could have been effected then we could be talking about a worse kind of situation but for now we can assume it’s somewhat bad,” said Holt.

He said foreign attacks that use bits and pieces from different malicious codes make it difficult to find the culprit.

“You don’t want to encourage people to pay a ransom because you’re enabling crime but on the other hand there are few if any alternatives to work with,” said Holt.

Holt says you can still be a target for this type of cybercrime at work. He says to look out for phishing emails from an unclear source that appears time sensitive. Those may come with an external link asking for your login or to have you download a file.