As educators, parents and students braced for the start of the academic calendar, the focus on the uncertainties of returning to school during COVID-19 gave way to a different type of threat when a ransomware attack forced a Hartford, Connecticut school district to cancel the first day of classes.
The ransomware attacked more than two-thirds of the school districts servers, impacting essential systems which made on-site student learning and district-provided busing impossible. Citing these two challenges, Hartford officials had no choice but to send out notices that the first day of school was being postponed for the nearly 18,000 students and 1,600 teachers.
After further investigation, the city confirmed that the ransomware virus had entered their systems a few days prior to being discovered and investigators were confident that no personal, private or financial information was accessed or stolen in the attack. Upon learning about the attack, the city was quick to act, and administrators spent the weekend restoring and rebooting their systems, as well as inspecting all district hardware to confirm devices were safe for in-person and remote instruction.
The attack also impacted Hartford’s first responders, but the harm was described as more of an inconvenience to their back-end services and did not impact any operational capabilities that would prevent or delay emergency service response time. Hartford Mayor Luke Bronin stated the ransomware attack was the "most extensive and significant attack in the last five years in the city". As of this article no details have been released on the amount of ransom requested or if the attack was even targeting to delay the first day of school. The FBI and Hartford Police Department are still investigating the attack and classes resumed without incident the following day.
While the postponement was met with understandable frustration and disappointment from faculty, students and parents, the reality of the situation is that the damage could have been much worse if the city of Hartford did not take cybersecurity seriously. Bronin had seen the impact of ransomware attacks on other Connecticut communities in the past and worked with city officials over the prior year to invest approximately $500,000 in cybersecurity improvements, which he directly attributes to the successful response to the attack and for preventing any significant damages.
With the focus on how students are returning to class, and an increase in virtual learning in the current pandemic world, this story is another reminder that organizations need to keep their guard up against cyber threats. We know firsthand that incidents like this can strike at any moment, and the importance of assessing security posture, investing in cybersecurity and planning for incidents can be the difference between missing one day of school or shutting down an entire municipality.
About Schneider Downs Cybersecurity
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact the team at [email protected].
In addition, our Incident Response Team is available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident.
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.
Learn more about how private colleges and universities tackled the Coronavirus pandemic and maintained consistent operating cash flow margins consistent with years prior and how federal aid to many colleges and universities helped boost performance amid the decline in fiscal 2020 operating revenues. ...