Michigan School Ransomware Attacks Prompt Calls to Restore Internet Accountability

by Scott McClallen


If someone physically attacked a school, the perpetrator would likely be prosecuted immediately. But it’s often harder to prosecute online crimes, including the ransomware attack that closed two Michigan school districts for days in November.

Schools in Hillsdale and Jackson counties were closed last month after ransomware attacks. Ransomware is a malicious attack using malware or software to disrupt access to networks, computer files, or digital files. In order to restore normal functions, the perpetrators of the attack demand some form of compensation.

Scott Cleland is the executive director of the Restore Us Institute, a nonpartisan nonprofit that educates the public about internet accountability problems.

Cleland says the ransomware attacks are a symptom of a bad internet policy that, over 25 years, has devolved the internet from a place of innovation to “mindless madness.”

According to the Third Way think tank, about 0.3% of all reported cybercrime complaints are arrested and prosecuted.

“The Internet’s design and unaccountability policy inherently enable and empower cyberattackers,” Cleland said in a phone interview with The Center Square.

He says that public policy should discourage negative online behavior. The anonymity of online can beholden people to steal, lie, and cheat each other online, often with few repercussions.

“Cybercriminals exploit people online with impunity because they know there’s minimal risk they’ll get caught,” Cleland said.

The FBI’s 2021 Internet Crime Report noted 847,376 complaints of suspected internet crime – an increase of more than 380,000 complaints from 2019 – and reported losses of $6.9 billion.

The top three crimes reported by victims in 2021 were phishing scams, non-payment/non-delivery scams, and identity theft or a personal data breach. Victims lost the most money to business email compromise scams, romance and confidence schemes, and investment fraud.

Cleland blames internet unaccountability on a few laws in the 1990s, including Section 230 of the Communications Decency Act and the 1997 Reno v ACLU, which championed free speech absolutism online, minimal government and self-regulation. He says symptoms of bad internet policy are higher youth depression rates, mental health issues, and cybercrime.

Cleland says anarchy, amoralism, or a mix of the two are the root cause of all internet problems.

He says the solution is to restore constitutional authority over the internet in U.S. policy. When created, the internet was considered a separate place from life. But now, our lives are integrated with the internet – where we pay bills, shop, work, and play.

“Wild West Internet policy initially made sense in accelerating adoption and buildout of the Internet, but as permanent policy for a mature internet it makes no sense, the risks to people and minors are extreme and out-of-control,” Cleland said.

Lt. Mike Teachout of the Michigan State Police said the ransomware attack is still being investigated. He noted that “cybersecurity is all of our responsibilities.”

Teachout recommended practicing good “cyber hygiene” – changing passwords and using unique passwords for every account, updating devices to current software, not sharing passwords or clicking on anything in emails or text messages if you aren’t expecting it, and enabling multi-factor authentication.

“We need to look out for ourselves, we need to look out for our kids, and we need to look out for our seniors as well,” Teachout said in a phone interview with The Center Square.

– – –

Scott McClallen is a staff writer covering Michigan and Minnesota for The Center Square. A graduate of Hillsdale College, his work has appeared on Forbes.com and FEE.org.
Photo “Ransomware” by TheDigitalArtist.


Related posts