APS cyberattack latest in a series targeting schools

Scott Elder

SANTA FE – When the principal of Albuquerque Public Schools announced earlier this week that a cyber attack would cancel classes for about 75,000 students, he noted that the area’s technology department had been fending off the attacks “for the past few weeks.”

Albuquerque is not alone, as five school districts in the state have suffered significant cyber attacks in the past two years, including one district that is still grappling with a cyberattack that occurred just after Christmas.

But it’s the first time a cyber attack has been reported that required classes to be cancelled, and the matter is getting more complicated as schools try to continue in-person learning during the pandemic.

“If it seems like I’ve come to your homes a lot in the past two years to share difficult news, you’re right. And here I am again,” Superintendent Scott Elder said in a video address on Thursday.

The shutdowns, Thursday and Friday, affect nearly one in five students in New Mexico, the country’s 35th-largest school district by enrollment, according to 2019 data from the National Center for Education Statistics. The district was one of the last in the state to reopen last year with vaccines available.

The small town of Truth or Consequences discovered a cyber attack on December 28, and it still hasn’t gained control of its computer systems.

“We’re not out of the woods yet,” said Mike Torres, director of information technology for the school system at Truth or Consequences.

The attack had not been previously reported. This came when the students were on vacation, allowing them time to make contingency plans before the students returned. Although the attack “made computer systems unavailable,” Torres says, the disruption was minimal.

That was not the case in Albuquerque, where teachers discovered Wednesday morning that they had been denied access to a student information database that tracks attendance, records emergency contacts for students, and tracks adults are allowed to pick students at the end of school. day.

In 2019, Las Cruces Public Schools also suffered an attack on its student information database, after a phishing attack lured one or more employees to click on a malicious link in an email months earlier, recalls Matt Dawkins, IT director for that district. .

After covering up and exploring the area system, a hacker or hacker has carried out a ransomware attack. The data on several school computers, starting with the students’ database, was locked in encryption. A ransom was demanded for the key.

“It’s kind of like when your house gets burgled, you know? Dawkins said, in an interview on Thursday, that his school was closed due to a non-police call a mile away.

The school did not pay the ransom, and eventually found a way to reset data systems to the state they were in the day before the attack. But it required months of hands-on work, additional expenses for temporary Wi-Fi hotspots and some new computers. Insurance covered much of the cost of the attack.

In the past two years, at least four other New Mexico schools have been hit by costly cyber attacks, according to Patrick Sandoval, interim director of the New Mexico Public Schools Insurance Authority, which secures all areas of New Mexico except Albuquerque.

Targets across the United States in 2021 included universities, hospitals, and a major fuel pipeline. Data on the number and cost of attacks is hard to track, but the FBI’s 2020 annual report on cyberattacks said about $4.1 billion in damages were reported by organizations across the country that year.

Dawkins added that if Albuquerque encounters a case of ransomware, which has yet to be confirmed, it could face a more sophisticated attack. Instead of holding information hostage, ransomware attacks now threaten to sell the data to the highest paying online. Dawkins said student data in Albuquerque may not only be locked down, but at risk of being shared with identity thieves and other bad parties.

Albuquerque Public Schools has not said if the cyber attack they are facing is a ransomware attack, only that their student information database has been “hacked,” and that it is working with law enforcement and contractors to limit the damage.

Whatever the reason, they face a similar problem as Las Cruces faced in the days after the attack.

The database used to track attendance and other students was out of commission. It also realized that laptops needed to be quarantined and taken out of service, forcing teachers to work offline.

“Immediately, our instructional department centered with pen and paper, you know, kind of old-fashioned teaching, so our printing press was print material. The teachers were able to adapt very quickly,” Dawkins said.

Albuquerque Public School officials did not explain the decision to close the schools, nor did they respond to requests Thursday about why the paper-based system was not possible.

The decision to continue studying at Las Cruces came at a cost. It may have taken longer to clear and reset the school’s thousands of computers while teachers and administrators were working normal hours, Dawkins said, and had to live without technology for weeks and weeks.

In January 2020, computers in the area are up and running again and just in time — the pandemic has forced teachers and students to learn remotely after just a few months.

Leave a Comment