On Wednesday 25th November, Baltimore County’s school network was penetrated by cybercriminals and held hostage in a ransomware attack.
School staff were completely locked out of the internal network forcing the school to shut its virtual doors to 115,000+ students currently attending lessons online.
The cyber attack was announced on the Baltimore County Public Schools Twitter account. The county police department is working with the state's Emergency Management Agency and the FBI to investigate and resolve the data breach.
Details of the cyber attack are being drip-fed on social media as the investigation continues.
Because the ransomware software has locked staff out of their internal systems, they can only communicate with parents and students via social media posts, and not via email.
Ransomware attackers target and encrypt sensitive data and only reverse their actions if a ransom price is paid. Because ransomware is specifically developed to contend remediation efforts, it could take anywhere between a few days to a few weeks for online classes to commence again.
It has been announced that the school will remain closed for at least the next two days.
The latest findings of the cyber attack investigation revealed that Baltimore County Public School issued Chromebooks were not impacted by the ransomware attack. Students have been permitted to use these devices and associated Google accounts.
The security status of school issued Windows-based devices is still questionable. Students are advised to refrain from using these devices until further notice.
Since August 2020, about half of U.S public school students have been attending classes remotely, with a recent increase following a spike in Covid-19 cases across the U.S. This increased dependency upon internal systems magnifies the disruption to lesson delivery when a cyber attack takes place.
The coronavirus has forced pragmatic institutions like public schools to suddenly digitize their processes. In a rush to meet this rapid requirement, many schools have likely overlooked the prevalence and risk of data breaches.
Since organizations unprepared for cyber attacks are a prime target for cybercriminals, cyber attackers will likely continue to test the security defenses of school systems in the United States and globally.