Three Connecticut schools have been targeted by ransomware attacks.
In two of the cases student and staff information was accessed, though officials in those districts say there is no evidence that it was misused.
“Typically, ransomware is going to encrypt the information so you can’t access it. Then you pay the ransom to gain access it,” explained George Kudelchuk of the Kelser Corporation an IT consultant in Glastonbury. “It’s an epidemic and it’s a business, it’s a paying business for them.”
Kudelchuk said that victims can be enticed to pay upwards of $1,000 to get their information back. Once they have your money there’s no certainty that you’ll get your information back or that it won’t happen again, he pointed out.
None of the school districts have said whether they paid a ransom to get their information back, but Kudelchuk said that larger organizations like school systems often have a back-up that can be used to regenerate their network.
The Wallingford School District told NBC Connecticut that they received preliminary notice of, “...a security incident that impacted a limited number of students' directory information, including names and, in some cases, dates of birth and email addresses. The incident did not involve the Social Security number or assessment information.”
“It’s really scary. It’s very personal information,” said Ibtihal Anbar, a Wallingford mother who has two students entering school in the district this year.
Local
Unlike a data breach where private information like social security numbers are stolen, a ransomware attack doesn’t usually involve identity theft, according to Kudelchuk.
“They’re not actually pulling the data out, they’re just encrypting it so you can’t do anything with it,” he explained.
The Pomfret schools were recently made aware of a similar incident to a program they haven’t used in five years.
“As a result of the incident, we are undergoing a review to determine additional steps we can take to further enhance the safety and security,” the school’s principal, Susan Imschweiler, said in a letter to parents.
Meanwhile, New Haven Public Schools say a ransomware attack last week did not compromise student information but did result in the district’s network having to be restored. In a statement, the district said, “Ransomware is a real threat that all organizations must deal with.” The district “...is constantly working to update and maintain all protocols to protect its technology infrastructure."
Kudelchuk said schools are vulnerable because there are so many different users on their network from staff to students who often go outside the network. He added that cash-strapped school districts are often easy targets.
“Based on budget they may not have the latest and greatest security,” he pointed out.
Some parents say school districts should place a higher priority on internet security.
“Our children are our future. So, their records and information should be protected," said one parent with children in New Haven public schools.
