Remote and in-person learning in Buffalo Public Schools are canceled Monday as the school district continues to deal with a ransomware attack on Friday.
The district will use the day "to pressure test system restoration and access as well as communicate any new or required information for students to access virtual learning tools once instruction resumes," Superintendent Kriner Cash said in a letter posted on the district Facebook page Sunday evening. District and school-based staff are to report to their sites Monday.
It's a setback for the district, which was to have started the second phase of reopening Monday, when another 5,000 students were scheduled to return to the classroom. Instead, 30,000 students will be home. Remote learning was canceled Friday.
Cash said the district is working with with cybersecurity experts, and local, state and federal law enforcement to investigate the attack. The FBI and the district's consultant have not been able to determine if any personally identifiable information was exposed.
"The investigation, which is both system forensic and criminal, is in its preliminary stages and will continue round the clock for at least two more weeks," Cash said.
Cash said information technology staff started bringing systems offline after the cyberattack Friday morning as an "urgent precautionary measure."
"Although the investigation into this security incident is ongoing, our comprehensive investigative team has identified key findings related to its root cause and potential overall impact to BPS systems," he said in the letter.
The superintendent said the district is working on restoring systems that support the primary function of teaching and learning. Another priority is recovering affected business operation systems.
"The district will implement a longer term comprehensive initiative to enhance IT security and infrastructure going forward," he said.
The district's chief technology officer said in a memo last week that no demands had been made of the district. Cash's Sunday letter does not address the subject of ransom.
Nearly every aspect of a school is computerized, from remote instruction, student grades and attendance to staff records, to heating and ventilation systems, buses and school lunches. But it is not clear what aspects of the Buffalo district's system were affected.
The New York State School Boards Association has warned its members in recent years that cyberattacks on schools are on the rise. Schools are a prime target because they have so much information on students, parents and employees, as well as visitors and community members, Erin D. Gilsbach, a lawyer and founder of EdLaw Interactive, said during a 2019 association seminar.
She said a data attack can cause a loss of time and resources in reassembling data, and even schools with sophisticated backup servers usually lose some data in a ransomware attack, she said.
Districts across the area are mindful of data breaches and cybersecurity, said Hamburg Superintendent Michael Cornell, who is president of the Erie-Niagara School Superintendents Association.
The Buffalo attack is a reminder there are people with nefarious objectives looking to infiltrate school systems all the time, he said.
"We take data security and data privacy seriously. I think that is true of all school districts," Cornell said. "In Hamburg and across Western New York, we all take the issue very seriously. We're always focused on it."