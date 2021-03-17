Buffalo Public Schools has made “significant progress” in recent days restoring its computer networks following last week’s ransomware attack and plans to resume in-person classes again starting Monday.
“Amazingly, the academic systems and tools we need for teaching and learning, they are by far at 90 to 95% back to functionality. So that’s the really good news,” Superintendent Kriner Cash said.
But certain sectors of the district’s networks – which control everything from remote instruction to bus routing to heating and ventilation – are experiencing “intermittent stability,” he explained to the Board of Education on Wednesday.
“On the business side,” Cash said, “some of the systems are going to need a few more days of work.”
Cash, however, said he feels confident that as long as the district continues making progress on the systems, Buffalo Public Schools can pick up where it left off prior to the cyberattack and begin phase two of reopening classrooms next week. Students will continue learning remotely from home Thursday and Friday.
“The plan we had intended to execute this past Monday we believe we will be able to do this next Monday,” Cash said.
Buffalo Public Schools was the last local district to reopen for in-person instruction on Feb. 1, when high school seniors, students in grades pre-K through second and those with the highest needs were invited back into the schools, some on a part-time basis and others five days a week.
This second phase will, for the most part, return third and fourth graders, as well as students in grades nine and 11. It brings to roughly 12,000 the number of students returning to some form of in-person learning.
While Cash talked about the progress in restoring its networks and getting students back to class, he did not provide further details on what happened last Friday when the school system announced it was the victim of a ransomware attack. Ransomware is a malicious software that, in general, blocks access to the user’s computer system until a ransom is paid.
Some of the key questions:
How did the cybercriminals get into the district networks?
Was any personal information stolen?
Has the district been presented with a ransom demand yet, for how much and would the district pay it?
“Keep in mind colleagues this is a criminal investigation and we are probably being watched at this time so we’ll keep our comments at a very high level while trying to help the public understand more fully what has happened,” Cash said.
Cybercriminals are particularly fond of targeting government agencies and school districts, which are generally less likely to devote the financial resources necessary to guard against attacks, according to cybersecurity experts.
Not only are school districts less likely to hire cybersecurity experts or invest in the outside services needed to prevent ransomware and other cybersecurity attacks, experts said, but school districts have become even more vulnerable because they've had to fast-track new remote learning models due to the coronavirus pandemic.
In fact, federal agencies in December warned K-12 schools that ransomware attacks, the theft of data and the disruption of distance learning services have been on the rise since the start of the school year, as districts have relied more and more on technology and online learning during the Covid-19 pandemic.
An advisory, issued by the FBI and Department of Homeland Security, noted that from January through July, 28% of all reported ransomware cases involved K-12 schools. In August and September, 57% involved schools.
The Victor Central School District near Rochester was down for a week early last month due to a ransomware attack.