Someone attacked the Kearny public school district’s computer system last week, threatening to hold the system “hostage” unless a “ransom” was paid, school officials have confirmed.
But, despite rumors to the contrary, Schools Superintendent Patricia Blood insisted last week that, “We were not hacked. Rather, some of our files were infected with malware after someone opened an [email] attachment that contained that malware.”
For that reason, Blood said, “We are not required to notify the State or local police in this instance.”
And, added Blood, “Although we have extensive antivirus and anti-malware in place, this [malware] was a new variant embedded in an email attachment. Our district engineer and tech staff have worked diligently to clear the infected files and restore all files through our back-up system.”
Still, one local high-ranking law enforcement official wondered why no one from the district reached out to the KPD, adding that even if the local gendarmes could not find the perpetrators, they could certainly refer the district to the FBI and/or cyber- crime experts in the Department of Homeland Security.
Neil Brohm, the district’s director of technology, said that given the many recent cyber assaults on other schools, hospitals and corporations, he had reached out a few months ago to the state Department of Education to see if the DOE could recommend any special anti-virus safeguards but was told such protocols were up to the local districts.
Asked about that, DOE spokesman Rich Vespucci said, in part: “Each district operates on its own network and state education laws and regulations don’t dictate how school districts should protect themselves or their data; those decisions are made locally.”
If they wish, Vespucci said, districts are free to “contact the New Jersey Cybersecurity and Communications Integration Cell, which is part of the state Office of Homeland Security and Preparedness,” which, he added, “is linked to the State Police and FBI.”
Aside from Blood, Michael DeVita, the board’s secretary/business administrator, also confirmed the computer mishap. At BOE headquarters last Wednesday, he was using a laptop to access central office files after he could not secure access to his personal computer.
For more technical details, DeVita referred a reporter to Brohm, who told The Observer that a school employee inadvertently introduced the computer virus last Monday after opening an email message containing “a very prevalent form of malware” called “ransomware.”
Wikipedia defines ransomware as “a type of malware that can be covertly installed on a computer without knowledge or intention of the user that restricts access to the infected computer system in some way and demands that the user pay a ransom [typically in bitcoin] to the malware operators to remove the restriction.”
However, “we didn’t answer” the message and “we’re not paying a ransom,” Brohm said. “We don’t know where it came from.”
Ransomware attacks are potentially catastrophic to the computer system user since the virus, Wikipedia notes, can “systematically encrypt files on the system’s hard drive, which becomes intractable to decrypt without paying the ransom for the decryption key [while] other attacks may simply lock the system and display messages to coax the user into paying.”
Brohm said the virus that infected Kearny’s system is believed to have impacted only school employees’ Microsoft Word files and email messages but reportedly did not compromise any files “critical to the operation of the district” such as student data, human resources, payroll and the like.
Nevertheless, all schools across the district were affected to the extent that Word files would not open and the use of in-class “smartboards” – interactive large computer screens – was “limited,” Brohm said.
By week’s end, Brohm said the district was continuing to restore all impacted files with the aid of digital backup systems. Administrators, teachers and parents can access information remotely, he added.
Early in the week, the district circulated an email to employees using computers advising them about the problem, that “some Office-type documents (Word, Excel, Powerpoint) were affected … and we are working as quickly as possible to restore our systems to full working order.” Already “back on line,” it said, were “the Main Offices, the Nurses’ Offices and a few selected others.”
Last Friday, an updated email projected that “the systems will be up and running by Monday — and they were. The tech staff worked throughout the weekend to complete the necessary processes.” And, it added, “Genesis [a faculty portal] and the KearnySchools.com email may be used on home computers or other mobile devices outside the school environment.”