NC District Hit with Malware Costing $314,000 for Cleanup

A North Carolina school district was hit with the Emotet virus, crippling its network infrastructure. Last week, Rockingham County School District Superintendent Rodney Shotwell held a press conference, in which he described how the district fell victim to a computer malware attack through users clicking on infected EXE files in their e-mail, under the subject heading, "Incorrect invoice." Clean-up is expected to cost $314,000.

Emotet, according to security firm Sophos, is an advanced network worm that drops "malicious payloads onto target computers." It's designed to steal a user's online banking details, and stopping it requires "every machine on the infected network to be protected with anti-virus."

The first clue that something was wrong at Rockingham came when Google disabled certain e-mail accounts because they were producing spam e-mails. That was followed by reports from users who couldn't connect to the internet through their web browsers. Malware mitigation and clean-up began at that time.

During the press conference, Shotwell explained that even after all of the infected computers at the district were cleaned and re-imaged, they became re-infected. At that point the district IT team called in the cavalry, including the U.S. Federal Bureau of Investigation, as well as local IT experts.

Rockingham also began working with ProLogic ITS for virus mitigation services for about a dozen servers and 3,000 client machines. While the $314,000 contract with the IT consultancy will bring in 10 engineers for a total of about 1,200 on-site hours, according to reporting by Rockingham Now, it will also pay for ongoing virus mitigation services for the next year.

"It's like a disease," said Shotwell. "We're trying to quarantine it. Right now, there's not a software out there for this malware that will enable you to clean the device and ensure that it won't come back." Even though the school system has used antivirus software for a "very long time" and updated its systems, the malware is designed to find those computers that haven't been updated and exploit them.

On the positive side, Shotwell added, the antivirus capabilities did "chew up the ransomware where it did not activate." As a result, "our data was never compromised because of ransomware. Our data was protected and saved."

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • students using digital devices, surrounded by abstract AI motifs and soft geometric design

    Ed Tech Startup Kira Launches AI-Native Learning Platform

    A new K-12 learning platform aims to bring personalized education to every student. Kira, one of the latest ed tech ventures from Andrew Ng, former director of Stanford's AI Lab and co-founder of Coursera and DeepLearning.AI, "integrates artificial intelligence directly into every educational workflow — from lesson planning and instruction to grading, intervention, and reporting," according to a news announcement.

  • toolbox featuring a circuit-like AI symbol and containing a screwdriver, wrench, and hammer

    Microsoft Launches AI Tools for Educators

    Microsoft has introduced a variety of AI tools aimed at helping educators develop personalized learning experiences for their students, create content more efficiently, and increase student engagement.

  • laptop displaying a red padlock icon sits on a wooden desk with a digital network interface background

    Reports Point to Domain Controllers as Prime Ransomware Targets

    A recent report from Microsoft reinforces warns of the critical role Active Directory (AD) domain controllers play in large-scale ransomware attacks, aligning with U.S. government advisories on the persistent threat of AD compromise.

  • Two hands shaking in the center with subtle technology icons, graphs, binary code, and a padlock in the dark blue background

    Two Areas for K-12 Schools to Assess for When to Work with a Managed Services Provider

    The complexity of today’s IT network infrastructure and increased cybersecurity risk are quickly moving beyond many school districts’ ability to manage on their own. But a new technology model, a partnership with a managed services provider, offers a way forward for schools to overcome these challenges.