To the editor:
In the past month, Haverhill and Lawerence school systems have both been taken offline by computer ransomware, cancelling classes. The Massachusetts Registry of Motor Vehicles is also offline now due to ransomware attacks, likely originating overseas in countries with no extradition agreements with the United States.
Ransomware attacks occur when criminals probing the internet find vulnerable systems, which usually are missing software patches that prevent attack, not running some kind of anti-virus software, and/or not being behind any kind of firewall device that filters and blocks unknown traffic from passing onto school, municipal, home or corporate networks. They encrypt the data present so that it is unusable by anyone until a decryption key is provided.
It is common during modern ransomware attacks for the criminals to extort money from the victims to decrypt and restore access to the attacked systems, but also to steal all the data present on those systems (children's names, dates of birth, Social Security numbers, etc.) and to give that data to the militaries of those countries in return for safe harbor from which to operate. Those countries then store that information in databases for future extortion and/or blackmail operations.
For instance, one of the largest ransomware rings in the world is called "SamSam," and they target western healthcare and municipal organizations. They are now known to operate out of Iran.
Ransomware and basic cybercrime of all computer systems on the internet is everyone's problem, whether they admit it or not.
Municipal budgets and the priorities of leadership bodies (school boards, town select boards, state assemblies, our federal government) should reflect it.