Ransomware attacks keep appearing against public institutions and large US-based companies, as new reports emerge every week, which has set off alarm bells among members of the cybersecurity community. The most recent incident was reported in the Nampa Idaho school district, whose officials have revealed a serious cyberattack that managed to disrupt the functions of the entire school district network last Wednesday morning, mentioned information security specialists.
Kathleen Tuck, a spokeswoman for the school district, mentioned that the attack originated with malicious email, although she did not specify who opened the message. As a security measure, the Nampa district closed its networks and temporarily cut off Internet access in all its schools. “Teachers have already been informed, all schools will remain offline at least until next week; in addition, full recovery will take a little longer,” Tuck said.
Although classes will not be interrupted during this process, teachers and administrative staff at Nampa schools will have to use pencil and paper to continue their activities. “We’ve been working pretty well without technology,” said one of the city’s teachers.
The city’s government information security experts say all information held by the school district is secured and access for school staff will soon be restored. In addition, they claim that not all computer equipment was compromised during the incident.
Local authorities are working with their insurance agency and the Idaho Risk Management Program to investigate the incident, and the services of an independent security firm were contracted. The city government reportedly has an insurance policy against cybersecurity incidents, so the insurance company is expected to cover most of the expenses caused by this cyberattack.
Through the last months, ransomware attacks reported by information security experts had only been detected on some management systems in local governments; however, recently the perpetrators of these incidents began to show particular interest compromising operations in schools in some small towns.
One of the first cases occurred in Alabama, where authorities reported a security incident that compromised systems for an unspecified number of schools in the Middletown school district.
Michael Conner, the district’s superintendent, mentioned that it was a ransomware infection, adding that authorities were not planning to pay any ransom. “We are working with specialists to determine how hackers entered our systems; we will also implement a recovery process as soon as possible.” To date, two of Middletown’s six computer systems continue to operate with multiple limitations.
Perhaps the most serious case was the one in the state of Louisiana, which suffered a cyberattack that affected the systems of dozens of schools in the state; according to computer security specialists at the International Institute of Cyber Security (IICS), the state governor even issued an emergency declaration throughout Louisiana, a move with which the local government expected obtain the necessary resources for the investigation and recovery of the incident, which paralyzed school systems critically.