Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecurityCybersecurity NewsEducation: K-12

Fairfax County Public Schools hit by Maze ransomware

ransomware
September 15, 2020

Over the weekend, Fairfax, Va. County Public Schools, the 10th largest school district in the country, was hit by Maze ransomware, resulting in an apparent leak of student and faculty data, just days after previous attacks on these two other school systems.

According to the Fairfax County Public Schools, the cyberattack did not disrupt the distance learning program during the first week of school. The schools continue to work with the FBI and cybersecurity consultants to investigate the nature, scope and extent of any possible data compromise. 

If it is determined in the course of the investigation that personal information has been compromised, the Fairfax County Public Schools will take steps to notify affected individuals as appropriate, says the district. 

InfoSecurity Magazine reports that the hacking group Maze claimed to have carried out the ransomware attack: "As proof of the attack, the threat actors have uploaded a zip file of data they claim was exfiltrated from the school system. At time of publication, Maze had published just 2% of the data they claim to have swiped from Fairfax County Public Schools." 

Maze, previously known in the community as “ChaCha ransomware”, was discovered on May the 29th 2019 by Jerome Segura[1, McAfee telemetry says. The main goal of the ransomware is to crypt all files that it can in an infected system and then demand a ransom to recover the files. However, the most important characteristic of Maze is the threat that the malware authors give to the victims that, if they do not pay, they will release the information on the Internet[2]. This is a behavior increasingly observed in new ransomware[3], such as Sodinokibi, Nemty, Clop and others.

Chester Wisniewski, Principal Research Scientist at Sophos, believes that this string of attacks can be linked to a new trend from ransomware gangs in which they amplify their efforts by attempting to apply more pressure on their victims when they are most vulnerable such as a school district resuming classes under a plethora of new protocols.

"With the news that Fairfax County public schools in Virginia were hit with ransomware in the first week of the new school year, a series of unfortunate incidents is no longer random, but appears to be a pattern. First, we heard a similar tale from Hartford, Connecticut followed by Toledo, Ohio around the same time as Fairfax," says Wisniewski. "Twice might be a coincidence, but I fear we are seeing a new trend in ransomware gangs sharpening their tools to attempt to apply more pressure on their victims. Over the past 12 months we have seen continued advancement in both technical and social techniques to extract a pound of flesh from victims and striking at the worst possible time appears to be the latest in their bag of tricks. Hitting schools at the start of the school year certainly applies additional pressure to get back online, and we may see similar targeting around high pressure times such as election day or the upcoming Christmas shopping holidays."

"Of course, Hartford steadfastly refused to negotiate or even ask what the ransom amount was and went about their business of recovering their systems. Let's hope we hear the same from Ohio and Virginia. The crooks aren't the only ones who can be trendsetters, we can too. By not giving in to their extortion demands we can put an end to this whole 7 year saga," concludes Wisniewski. 

KEYWORDS: cyber security k-12 security malware ransomware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Half closed laptop

Sudo Vulnerability Discovered, May Exposes Linux Systems

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Unprepared Companies Vulnerable to Ransomware Attacks

    Two Manitoba, Canada Law Firms Hit by Maze Ransomware

    See More
  • ransomware - cyber

    Georgia County's election infrastructure hit by ransomware attack

    See More
  • ransomware - cyber

    US criminal Court hit by “Conti” ransomware

    See More

Related Products

See More Products
  • surveillance.jpg

    Surveillance, Privacy and Public Space

  • 150 things.jpg

    The Handbook for School Safety and Security

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing