ALBUQUERQUE, NM (AP) — When the superintendent of Albuquerque Public Schools announced earlier this week that a cyberattack would result in the cancellation of classes for about 75,000 students, he noted that the district’s technology department had reported attacks “over the past few years.” fought off for weeks.”
Albuquerque is not alone, as five school districts in the state have suffered serious cyberattacks in the past two years, including one district still grappling with a cyber attack that occurred shortly after Christmas.
Cyber Security Expert Speaks Out About Bernalillo County’s Recent APS Attack
But it’s the first report of a cyber attack that had to cancel classes, which is all the more disruptive as schools are trying to keep personal learning going during the pandemic.
“If it seems like I’ve come to your house many times over the last few years to share difficult news with you, then you’re right. And here I am again, ”Superintendent Scott Elder said in a video address Thursday. “We face another challenge.”
The Thursday and Friday closings affect roughly one in five school children in New Mexico’s 35th school district after starting school, according to 2019 data from the National Center for Education Statistics. The district was one of the last in the state to reopen last year, as vaccines became available.
The small town of Truth or Consequences discovered a cyber attack on December 28 and has still not gained control of its computer systems.
“We’re not over the hill yet,” said Mike Torres, director of information technology for the school system in Truth or Consequences, a small town in central New Mexico.
The attack has not yet been reported. It came when the students were on vacation, allowing time to make contingency plans before the students returned. Torres says that while the attack “rendered computer systems unavailable,” the disruption was minimal.
That was not the case in Albuquerque, where teachers discovered Wednesday morning that they were locked out of the student information database, which tracks attendance, records emergency contacts for students and determines which adults are allowed to pick up which students at the end of the school day.
In 2019, Las Cruces Public School also suffered an attack on its student information database after a phishing attack tricked one or more employees into clicking a malicious link in an email months earlier, recalls Matt Dawkins, who IT director for this district.
After a hacker or hackers caught and spied on the district’s system, they carried out a ransomware attack. Data on many school computers, starting with the student database, has been encoded. A ransom was requested for the key.
“It’s kind of like having your house robbed, you know? That feeling of being hurt,” Dawkins said in an interview Thursday as his school went into lockdown due to an unrelated police call a mile away.
The school failed to pay the ransom and eventually found a way to restore its data systems to the state they were in the day before the attack. But it took months of hands-on work and additional spending on temporary Wi-Fi hotspots and a few new computers. Most of the cost of the attack was covered by insurance.
In the past two years, at least four other schools in New Mexico have been hit by costly cyberattacks, according to Patrick Sandoval, interim director of the New Mexico Public School Insurance Authority, which insures all districts in New Mexico except Albuquerque.
Destinations in the US in 2021 included universities, hospitals, and a large fuel pipeline. Data on the number of attacks and their costs is difficult to track, but the FBI’s 2020 annual report on cyberattacks said that around $ 4.1 billion in damage was reported by institutions across the country this year.
Dawkins added that if Albuquerque faces a ransomware situation that has not been confirmed, it could face a more complex attack. Instead of holding information hostage, ransomware attacks now threaten to sell data to the highest bidder online. So not only could student data in Albuquerque be locked up, Dawkins said, but it could also risk being shared with identity thieves and other malicious actors.
Albuquerque Public Schools has not said whether the cyberattack they are facing was a ransomware attack, only that their database of student information was “compromised” and that they are working with law enforcement and contractors to repair the damage to limit.
Whatever the cause, they face a similar problem as Las Cruces did in the days following the attack.
The database used to track attendance and other students was out of order. It was also realized that laptops had to be quarantined and taken out of service, forcing teachers to work offline.
“Immediately our teaching department was turning to pen and paper, you know, kind of an old-fashioned way of teaching, so our print shop printed materials. The teachers were able to adapt very quickly, ”said Dawkins.
Officials from the Albuquerque Public School failed to clarify the decision to close schools and on Thursday failed to respond to inquiries as to why a paper system was not possible.
The decision to continue teaching at Las Cruces came at a price. Dawkins said it likely took longer to wipe and reset the school’s thousands of computers while teachers and administrators worked at normal hours and lived without technology for weeks.
In January 2020, the district’s computers were up and running again and in good time – the pandemic forced teachers and students to take up distance learning just a few months later.
This version corrects the IT director’s first name in Truth or Consequences to Mike, not Mark.
Attanasio is a corps member for the Associated Press/Report for America Statehouse News Initiative. Report for America is a nonprofit national service program that places journalists in local newsrooms to cover undercover topics. Follow Attanasio on Twitter.