Malware & Data Security

After Ransomware Attack, District Hopes to Mandate Security Awareness

• By Dian Schaffhauser
• 09/16/19

An Illinois school district is working "around the clock" to bring its network back up after a ransomware attack. The problems struck Rockford Public School District 205 on Sept. 6, 2019, during the same week its 28,000 students returned to the classroom.

Outages included many of the district's phones, as well as its website and student information systems. Currently, the district is using its Facebook page to communicate with the community.

In statements to parents and staff, the school system reported that its IT team was working with an outside forensics firm to restore access. "Our No. 1 priority is the safety of our students and staff," an early notice stated. "This includes protecting staff and students' data and information. We have field experts helping our IT team evaluate the impact of this outage. We are working to get a complete picture of this incident and understand any impact to our data. We will provide additional updates and information when they’re available."

In a subsequent post last week, the district said that while it didn't appear that any personal information had been accessed by attackers, "user names and passwords might have been involved." As a result, when the computing systems are back online, users will need to change their passwords to gain access. They were also advised to change the passwords used on district-issued devices as well.

This week the district predicted that it would "hit several milestones" in its repair efforts, including restoring access to phones, bells and PA systems; providing staff with access to Google, Google Classroom and Google Drive; and restoring access to districtwide Wi-Fi so students could use their Chromebooks in class. "Our Information Technology team is working around the clock to rebuild our network and restore access," the Rockland officials wrote.

School board officials at Rockland will also vote later this week on spending $376,300 for IT upgrades. In a recommendation submitted by Executive Director of Technology, Jason Barthel, the allocations include $41,108 for "mandated" security awareness training from KnowBe4, which will be "specifically targeted to every...staff member".

The proposal also requested renewals of security software, including a Palo Alto Networks firewall subscription ($178,770 for three years), Sophos antivirus ($125,787 for four years) and Veeam for backup ($30,634 for an annual license).

Barthel noted in the document that his division would also begin reporting on the district's IT security status quarterly to the cabinet.