The attack was limited and no one’s information was stolen, according to the district. The State Law Enforcement Division was contacted.
“It was very, very fortunate that it was not widespread and that we were able to find out what was going on and rectify it immediately,” District Director of Technology and Information Systems Mark Parker said.
A single district computer was found to have malware in October when a district employee tried to go on one of the district’s websites and hit a roadblock, Parker said.
Malware is software that is specifically designed to disrupt, damage or give unauthorized access to a computer system.
Parker said he is very grateful that the malware did not spread beyond the computer.
“It was going to affect anybody who tried to access that website. It did not affect anybody’s personal data, it just affected people from accessing that computer,” he said.
Parker said he was not surprised that the district was one of many which had fallen victim to cyberattacks.
“We’re not the only case. So we have not heard back from SLED yet. They told us it would take some time because they had other districts before us and not just districts, but health care facilities,” Parker said.
Parker said he educates district employees to not open anything, such as an email, that may look suspicious.
“Most of the time when there’s a ransom, it’ll actually be showing on the screen. As soon as you go to that screen, it’ll show. But in our case, when I ran the malware check, I immediately knew what it was and then I didn’t go into anything else. I disabled it from the network,” he said.
Data backups are key in helping the district ward off extensive damage from malware attacks.
“You cannot prevent it. All you can do is be prepared. What we’re doing is making sure that we have our backups in place, as we do. That’s how we can recover,” Parker said.
The district also informs employees about computer security.
“First thing, if you don’t recognize who it is, don’t click on it. Secondly, if you recognize who it is,” take a look at the domain from which it’s coming to look for any discrepancies with districtwide email addressing, he said.
Some districts are sending out emails to see if employees click on them.
"It’s not just to get someone in trouble, but to educate everybody. You just never know the tactics which these cyberhackers are going to use. The best thing that you can do is have a backup in place,” Parker said.
Ryan Brown, spokesperson for the state Department of Education, said in an email that reports of malware and other data hacks are generally sent directly to law enforcement.
“We receive periodic notifications so that we can stay up to date, but don’t necessarily hear of every instance,” Brown said.
He said the agency offers support and technical assistance to school districts related to technology, data backup and recovery.
“The SCDE will monitor backups, address technical issues, correct errors and notify customers of instances when information has not been backed up according to plan. Customers are responsible for testing to ensure that the backed-up data is accurate and complete, and can schedule such tests with the SCDE,” Brown said.
He noted that data is backed up at a primary data center and a secondary center.
Brown said the agency also has licensed Nexpose software that a district may use to scan its systems for security vulnerabilities.
“We also offer assistance with performing technology health checks, identifying subject matter experts in districts, evaluating the IT infrastructure and troubleshooting, formulating strategic plans and action plans and setup for PowerSchool hosting,” he said.
Parker said, “It’s so important to make sure your backups are in place. I know things happen out of your control, but you have to do everything you can. That’s what we’re doing here not just because of this malware attack, but we’ve been doing it prior. That’s going to be your key for any district and that’s what we’ve been pushing.”
©2020 The Times and Democrat (Orangeburg, S.C.) Distributed by Tribune Content Agency, LLC.
