Ransomware attacks keep appearing against public institutions and large US-based companies, as new reports emerge every week, which has set off alarm bells among members of the cybersecurity community. The most recent incident was reported in the Nampa Idaho school district, whose officials have revealed a serious cyberattack that managed to disrupt the functions of the entire school district network last Wednesday morning, mentioned information security specialists.
Kathleen Tuck, a spokeswoman for the school
district, mentioned that the attack originated with malicious email, although she
did not specify who opened the message. As a security measure, the Nampa
district closed its networks and temporarily cut off Internet access in all its
schools. “Teachers have already been informed, all schools will remain
offline at least until next week; in addition, full recovery will take a little
longer,” Tuck said.
Although classes will not be interrupted during
this process, teachers and administrative staff at Nampa schools will have to
use pencil and paper to continue their activities. “We’ve been working
pretty well without technology,” said one of the city’s teachers.
The city’s government information security
experts say all information held by the school district is secured and access
for school staff will soon be restored. In addition, they claim that not all
computer equipment was compromised during the incident.
Local authorities are working with their
insurance agency and the Idaho Risk Management Program to investigate the
incident, and the services of an independent security firm were contracted. The
city government reportedly has an insurance policy against cybersecurity
incidents, so the insurance company is expected to cover most of the expenses
caused by this cyberattack.
Through the last months, ransomware attacks
reported by information security experts had only been detected on some
management systems in local governments; however, recently the perpetrators of
these incidents began to show particular interest compromising operations in
schools in some small towns.
One of the first cases occurred in Alabama, where
authorities reported a security incident that compromised systems for an
unspecified number of schools in the Middletown school district.
Michael Conner, the district’s superintendent,
mentioned that it was a ransomware infection, adding that authorities were not
planning to pay any ransom. “We are working with specialists to determine
how hackers entered our systems; we will also implement a recovery process as
soon as possible.” To date, two of Middletown’s six computer systems
continue to operate with multiple limitations.
Perhaps the most serious case was the one in the state of Louisiana, which suffered a cyberattack that affected the systems of dozens of schools in the state; according to computer security specialists at the International Institute of Cyber Security (IICS), the state governor even issued an emergency declaration throughout Louisiana, a move with which the local government expected obtain the necessary resources for the investigation and recovery of the incident, which paralyzed school systems critically.
