Cyberattacks in Albuquerque latest to target public schools

When the superintendent of Albuquerque Public Schools announced earlier this week that the cyberattack would lead to the cancellation of classes for about 75,000 students, he said the district’s technology department had been preventing the attacks “for the past few weeks.”

Albuquerque is not alone, as five school districts in the state have been hit by major cyberattacks in the past two years, including one district that is still grappling with a post-Christmas cyberattack.

But it is reporting a cyber attack for the first time that required the cancellation of classes, all the more disruptive as schools try to learn in-person during the pandemic.

“If it seems like I’ve come to your homes to share hard news over the years, you’re right. And here I am again,” Superintendent Scott Elder said in a video address on Thursday. find themselves facing another challenge.”

Closed Thursdays and Fridays affect nearly one in five New Mexico schoolchildren, the nation’s 35th-largest school district by enrollment, according to 2019 data from the National Center for Education Statistics. The district was the last in the state to reopen last year with vaccines available.

The small town of Truth or Consequences discovered a cyberattack on December 28 and still has not regained control of its computer systems.

“We’re not out of the woods yet,” said Mike Torres, information technology director for the school system in Truth or Results, a small town in central New Mexico.

The attack has not been reported before. This happened while the students were on leave, giving them time to make contingency plans before the students returned. Torres says while “computer systems became unavailable” during the attack, disruption has been minimal.

Not so in Albuquerque, where teachers learned Wednesday morning that they had been locked out of a student information database that tracks attendance, records emergency contacts for students, and tracks which adults Students are allowed to take school days.

In 2019, Las Cruces Public Schools also suffered an attack on its student information database, following a phishing attack that led one or more employees to click a malicious link in an email months before that district’s information. Remembers Director of Technology Matt Dawkins.

After lurking and exploring the system of the district, some hacker or hackers carried out a ransomware attack. The data was locked in an encryption on several school computers, starting with the student database. A ransom was demanded in exchange for the key.

“It’s like when your house is robbed you know? That feeling of violation,” Dawkins said in an interview on Thursday, as his school went into lockdown a mile away because of an unrelated police call.

The school didn’t pay the ransom, and eventually found a way to reset their data systems to the state they were in the day before the attack. But it took months of work, and additional costs for a temporary Wi-Fi hotspot and some new computers. Insurance covered most of the cost of the attack.

In the past two years, at least four other New Mexico schools have been affected by costly cyberattacks, according to Patrick Sandoval, interim director of the New Mexico Public Schools Insurance Authority, which insures all New Mexico districts except Albuquerque.

Targets included universities, hospitals and a major fuel pipeline across the US in 2021. Data on the number of attacks and their cost is difficult to track, but the FBI’s 2020 Annual Report on Cyber ​​Attacks states that nearly $4.1 billion (about Rs 30498.465 crore) in damages were reported by institutions across the country that year. Went.

Dawkins said that if Albuquerque faces a ransomware situation that hasn’t been confirmed, it could face a more complex attack. Instead of holding the information hostage, ransomware attacks now threaten to sell the data online to the highest bidder. So student data in Albuquerque could not only be locked down, Dawkins said, but there is a risk of being shared with identity thieves and other bad actors.

Albuquerque Public Schools has not said if the cyberattack they face was a ransomware attack, only that their student information database was “compromised”, and that it is under laws to limit damages. Enforcement and working with contractors.

Whatever the reason, they face the same problems that Las Cruces faced in the days following the attack.

The database used to track attendance and that of other students was out of commission. It also felt that laptops needed to be quarantined and taken out of service, forcing teachers to work offline.

“Instantly our teaching department pivoted with pen and paper, you know, the old-fashioned kind of teaching so our print shop was printing materials. “The teachers were able to adapt very quickly,” Dawkins said.

Albuquerque public school officials did not elaborate on the decision to close the schools and on Thursday did not respond to requests about why the paper system was not possible.

The decision to continue classes at Las Cruces came at a cost. Dawkins said it probably took longer to erase and reset the school’s thousands of computers, while teachers and administrators were working normal hours, and they had to be without technology for weeks and weeks.

In January 2020, the district’s computers were up and running again—and in good time—the pandemic forced teachers and students to switch to distance learning just a few months later.

Get the latest from the Consumer Electronics Show on Gadgets 360 on our CES 2022 hub.


Source link

What Do You Think About this News