Cyber criminals targeting Haywood County Schools with ransomeware have derailed another day of remote learning, with school called off for Tuesday, as well.
It is unclear when school will resume.
“We have three cyber experts working on things with us literally as we speak,” Superintendent Dr. Bill Nolte said Monday night.
Ransomware is a type of cyber attack that cripples computer servers and holds them hostage until a ransom is paid.
“We have no plans to pay it at this time,” Nolte said. “We would only do it as a last resort.”
The school system must sort out what has been compromised and then try to rebuild its computer system through back-ups.
In the meantime, it’s unclear when students will resume remote learning. Middle and high school students were one week into their online classes, and elementary students were slated to begin their classes Monday.
Parents don’t need to be concerned about students' social security numbers being compromised, because the school system doesn’t collect social security numbers for students.
Parents who load money onto their student’s lunch accounts online don’t need to worry about their credit card numbers being stolen either, because the online portal for lunch money payments is handled by a third-party system and the credit card numbers don’t run through Haywood County School’s servers.
The online instruction platform used for remote learning hasn’t been compromised either. Students and teachers use Google Classrooms, which is housed on Google’s servers — and thus untouched by the school system’s ransomware attack.
While the Google Classroom portal is still functioning perfectly, the school system didn’t want students firing up their school-issued Chromebooks to do their assignments until more is known.
“We don’t have any concerns at all about Google Classrooms, but we don’t necessarily want 7,000 kids trying communicate with 500 or 600 teachers,” Nolte explained.
Ransomware had become a growing problem for school systems across the country even before COVID. Now, with school systems relying on digital technology for remote learning, they are seen as low-hanging fruit by hackers — especially at the beginning of the year as schools are rolling out remote learning.
“This is a particularly tough time of year. There is very little tolerance for not having your system running, so there’s a temptation to pay the ransom to get it fixed easily,” said Doug Levin President of EdTech Strategies and a national cyber security consultant for educational institutions.
However, Nolte said the school system doesn’t even know how much the hackers are asking in ransom. They never got that far, instead shutting down everything as soon as the corruption was detected Monday morning.
“We shut it down — lock, stock and barrel. We lost our phone, our internet, our servers,” Nolte said. “When the water is running over out of the sink, you turn it off immediately. Then you worry about figuring out how much spilled.”