Articles

K-12

Cyberattacks Across the U.S. Are Shutting Down Schools and Delaying Classes

By Henry Kronk
August 17, 2020

The fall semester has just begun for many districts around the U.S. But already, some schools have been hit with cyberattacks that have ground classes to a halt.

Cyberattacks forced the Community School Corporation of New Palestine, Indiana to cancel the first two days of the semester in the first week of August. Ponca City Public Schools, a district in Oklahoma, also had to delay classes. The same occurred at independent school districts in the Texas towns of Humble and Athens.

The Athens ISD school board initially agreed to pay hackers a $50,000 ransom to regain access to their servers. But at the last minute, their IT team found an unaffected backup and averted a crisis.

In addition, many local FBI chapters have sent warnings to communities that their schools or districts may be targeted. The Bureau issued an announcement in 2018 warning that cyberattacks on schools were on the rise.

Most Recent Cyberattacks Have Taken One of Two Forms

The most accessible form of cyberattack is known as a distributed denial of service (DDoS). These attacks flood systems with internet traffic, overloading their capacity. It prevents users from carrying out normal functions, like accessing their learning management system or school email.

NineStar Connect CTO Ross Ferson spoke with Indiana’s WTHR to discuss the New Palestine cyberattack. “It’s disruptive,” he said. “Somebody who views it as a prank has looked at something on too [small a] level. You’ve affected 4,000-plus kids that are trying to get back to school in a time that we’re so uncertain.”

The attack affecting Humble ISD was also a DDoS.

Ransomware

Ponca City Public Schools in Oklahoma and Athens ISD each received a ransomware cyberattack. Ransomware can operate in numerous different ways, but it’s goal is always the same: paralyze a server and demand ransom.

Athens ISD initially agreed to pay $50,000 to hackers in August. But the school’s IT team was able to recover access to the data before the deal went through.

The criminals gained access to Athens servers and encrypted all of the schools’ data. This blocked access and use to all users.

The district had insurance to prevent against incidents like these, and the school board voted to pay the ransom of $50,000 in cryptocurrency.

“We can’t afford to not pay it,” said Athens ISD Board President Alicea Elliott, according to the Tyler Morning Telegraph. “It would take us months to rebuild all that data so that we could start school.”

But before the transaction, the team managed to find an unaffected system backup and denied the attackers a victory.

The FBI Recommends Not Paying Hackers the Ransom

Ponca City Public Schools did not give in to hackers’ demands and have elected instead to rebuild their databases. As a result, they had to delay the start of their school year. The FBI recommends this as the best course of action.

As their website suggests, “Paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals. However, the FBI understands that when businesses are faced with an inability to function, executives will evaluate all options to protect their shareholders, employees, and customers.”

Besides the schools mentioned above, the FBI has also warned communities in Tempe, Arizona and New Orleans that hackers might try to target their servers.

As Louisiana FBI Supervisory Special Agent Corey Harris told local channel Fox 8, “Well, with so many kids that will be conducting school virtually, that increases the risk. That opens the door for an attacker to actually compromise either the school district’s network or the kids’ computers.”

Featured Image: Michael Dziedzic, Unsplash.