Mystery surrounds the malware attack on Houston County School servers, which officials could not confirm involves ransomware, through which hackers hold data hostage for a demanded ransom.
Superintendent David Sewell said that teachers’ computers may not be available for use by the school start date, which has been delayed to Monday, Aug. 5, four days later than the original Aug. 1 start date.
“More than likely, teachers will have to take roll the old-fashioned way – with pen and paper,” Sewell said.
As of Thursday afternoon, representatives from iNow, Houston County Schools’ student information system software, told the technology department that they are unsure when it will be back online.
It is unclear when the system was hacked, but Sewell was made aware early Tuesday. Malware, or malicious software, is any program or file that is harmful to a computer user. Types of malware can include computer viruses, worms, Trojan horses, and spyware.
The extent of the damage to the district is unknown, but it has had at least a temporary impact on telecommunications, computer functionality, and online services system-wide. As of late Thursday, phone service was still down and teachers have been asked to not to turn on their work computers.
“It’s going to take some time to get everything back up and running,” School Board Chairman Vince Wade said at a Thursday night specially called board meeting. “It’s a very serious deal. It’s not a dire situation, but it is a bad situation.”
Neither Houston County Sheriff Donald Valenza, Sewell, nor Technology Director Bob Blalock could not confirm nor deny whether student or staff data had been lost or stolen or if the hack affected financial records. Sewell did say that the system’s payroll and finances are done in-house, but teacher pay “should not be” affected.
Valenza told the Dothan Eagle earlier that the department is working with federal agencies, including the FBI, and other agencies that have experienced similar incidents in the past to locate the source of the crime.
Sewell said the start date pushback was due to staffers’ need for additional days to prepare for students arrival after missing two days of work due to access to internet. Teachers will report on their original start date of July 29.
Earlier in the day, he said the State Department of Education advised that the school system would not need to add additional school days to the back end of calendar.
Sewell called an emergency meeting Wednesday to discuss the server issue for an executive session, which is usually held to discuss legal matters or issues of good name and character of an employee, although some other reasons qualify.
"Upon advisement of counsel and law enforcement, we are unable to provide further information at this time," Sewell said in a statement.
Open house has been moved back to Thursday, Aug. 1 at 3 p.m. until 7 p.m.
Recently, three Connecticut schools are dealing with fallout from having their servers attacked with ransomware, according to a new report on Thursday from NBC Connecticut.
“Typically, ransomware is going to encrypt the information so you can’t access it. Then you pay the ransom to gain access it,” explained George Kudelchuk of the Kelser Corporation, an IT consultant in Glastonbury, to NBC. “It’s an epidemic and it’s a business, it’s a paying business for them.”
New Haven Public Schools in Conneticut told NBC that the attack last week did not compromise student information but did result in the district’s network having to be restored.
Kudelchuk said schools are vulnerable because there are so many different users on their network from staff to students who often go outside the network, according to the article. He added that cash-strapped school districts are often easy targets.