Syracuse schools and Onondaga County library hit with ransomware attacks

• The ransomware attack on Syracuse City School District disabled the schools from accessing their systems.
• The online system of Onondaga County Public Library is down at all library branches, disabling access to the online catalog and online accounts.

Attackers infected the Syracuse City School District’s network last week, causing system outages. The Onondaga County Public Library’s online system was also impacted by the attack.

What happened?

The ransomware infection disabled the schools from accessing their systems. Upon discovery, the school district launched an investigation to determine the source and extent of the incident.

The school district’s insurance provider suggests paying the ransom payment which is a six-digit amount. On the other hand, the FBI recommends not meeting the attacker’s demand. However, the district has not yet decided whether to pay.

Meanwhile, city officials said that Onondaga County Public Library system outages could be connected to the same attack.

• The online system of Onondaga County Public Library is down at all library branches, disabling access to the online catalog and online accounts.
• Phone services at the Central Library in downtown Syracuse and Syracuse city branch libraries are also impacted.

“Update Regarding Phone, Computer and Online Services:

We are actively working on a solution, and appreciate your patience. We apologize for the inconvenience. We anticipate this will continue through the weekend and hope access can be restored by Monday,” the Public Library said in a Facebook post.

What was the response?

• Upon discovery, the school officials began working in order to restore the district’s website and internet functionality.
• The school district managed to restore some “back-end” systems including human relations, payroll, and student management.
• The district’s IT team is investigating the incident and coordinating with a cybersecurity firm in order to completely recover from the attack.
• School officials confirmed that no private information has been exposed in the attack.

“On Monday, July 9th, the district experienced a cyber-event in which our computer files and systems were inoperable. We have been working with cyber security and law enforcement professionals to restore our systems. We have restored some of our back end systems (human relations, payroll, student management) and are still working on more public facing systems like the email system,” Syracuse City School District said.