Sounds like a variant of CryptoLocker.
The district has restored encrypted files and its servers are in the process of being restored to remove any trace of the malware -- known as ransomware -- and the email and other systems are being restored, a post on the district's website reads.
"Ransomware is distributed via spam email attachments, applications that are contaminated, or websites that are hacked by criminals," the post says. "Once discovered, the district took steps to contain the infection and began the process of cleansing and rebuilding."
Student data is not expected to have been affected at this point, according to Van Zoeren.
So is the data backed up or not? If it is backed up, then simply restoring the files should be pretty trivial. If it isn't backed up and the files in question are actually encrypted, then they would be powerless to do anything about it other than paying the ransom or doing a complete reformat.
And the fact that the ransomware asked for 500 BTC makes it sound like the attack was specially targeted against the school district. Typical examples of ransomware ask for amounts much smaller than that.
On a final note, I highly doubt that it will be possible to catch the person responsible since it's likely that they were hiding behind Tor.