Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Incident & Breach Response
Ransomware and DDoS Attacks Disrupt More SchoolsBack-to-School Plans Interrupted in School Districts From Florida to Connecticut
(This story has been updated.)
The start of classroom and online instruction at Hartford Public Schools in Connecticut was canceled Tuesday as a result of a ransomware attack – the latest in a series of online attacks that have disrupted some schools' return to teaching this fall. Last week, for example, online instruction at Miami-Dade County Public Schools in Florida was disrupted by distributed denial-of-service attacks.
These districts join schools in Alabama, Oklahoma and New York, among other locations, that have had their operations affected by some type of online attack in recent weeks.
Cybersecurity professionals had been predicting a spike in ransomware attacks this fall as new hybrid learning environments go online and unpatched equipment that has spent months in the homes of students and faculty is reconnected to school networks (see: As Classes Resume, Schools Face Ransomware Risk).
Hartford canceled the first day of classroom instruction scheduled for Tuesday, citing a ransomware attack discovered the previous day by the Metro Hartford Information Services - the district's shared service team that manages its infrastructure and network. The online attack knocked school as well as city systems offline.
"We have been informed by Metro Hartford Information Services, our city of Hartford shared services team, that manages our network infrastructure, that the ransomware virus caused an outage of critical systems and the restoration of those systems are not complete,” school officials say in a statement. “This includes the system that communicates our transportation routes to our bus company and it is preventing our ability to operate schools on Tuesday.”
The district, in an update, says the computer system was restored Tuesday with online and classroom instruction rescheduled to start on Wednesday. Officials say no student or employee personal data was accessed or stolen during the attack.
Hartford Mayor Luke Bronin, in a Tuesday press conference, said the ransomware attack also affected the city's public safety system, although its 911 service remained operational. The city recently purchased new cybersecurity software, which Bronin credits with helping limit the damage in this attack. And the city has purchased cyber insurance for itself and the school district.
A ransom note was received but did not contain a specific monetary demand, Bronin says, adding the city and school district have no intention of contacting the attackers.
On Sept. 2, Miami-Dade schools cancelled online classes for 200,000 students due to a series of DDoS attacks, the district noted in a tweet.
As a result of the attacks, the district switched to Zoom, Microsoft Teams and other alternative systems for its distance learning classes instead of its own applications. This is expected to continue until Sept. 11.
The district reports one of its students was arrested in connection with the attack.
"The student admitted to orchestrating eight distributed denial-of-service attacks designed to overwhelm district networks, including web-based systems needed for My School Online,” district officials said in a statement. “The student used an online application to carry out these attacks and has been charged with computer use in an attempt to defraud - a third-degree felony, and Interference with an educational institution - a second-degree misdemeanor.”
Universities are also being hit with fresh hack attacks this fall.
For example, the U.K.'s Newcastle University was targeted (see: Report: UK Universities Vulnerable to Cyberattacks). And the University of Utah recently paid a ransom to avoid the disclosure of data that was stolen (see: University of Utah Pays Ransom to Avoid Data Disclosure).