Students and staff from Minneapolis Public Schools returned to their school buildings this week. However, the ongoing issues resulting from a cyberattack that occurred in the district caused disruptions to continue for the remainder of the week.
There was an update to the district's attendance and grades system on Tuesday, and the system was working without a hitch. There are still some teachers who have difficulty logging into the programs, said Greta Callahan, the teacher chapter president of the Minneapolis Federation of Teachers. It was decided to cancel Monday's after-school activities because there was a problem that needed to be addressed.
There have been a few email updates from district officials to parents regarding the "technical difficulties" that have occurred due to an "encryption event", but they have not explained what caused them to have these difficulties. So far, some of the district's information systems have been unavailable for a week as a result of these problems.
The description of an "encryption event" may seem vague, but a ransomware attack could be what was happening, according to Matthew Wolfe, vice president of cybersecurity operations at Impero Software, a company that provides education software among other things.
School districts have become more and more targeted in recent years as a result of terrorist attacks. As a result of the rapid transition to distance learning at the beginning of the pandemic, Wolfe believes districts became easier targets for the aforementioned disease.
"With the increase in the number of devices, more areas are likely to be affected," Mr. Alexander explained, adding that because of the push to make e-learning accessible to all students at home, protection is often pushed to the back burner.
The recent spate of cyberattacks has made headlines repeatedly in recent months: A cyberattack in January forced schools in the Des Moines area to cancel classes. Los Angeles Unified, the country's second-largest school district, has been attacked by ransomware, reportedly from Vice Society, in the wake of the alleged attack. The dark web has been crawled by about 2,000 students following that incident, with their psychological examinations being uploaded.
There had not been any update from the Minneapolis district by the end of the school day Tuesday about what caused the incident and its cause. At a closed meeting held Tuesday night, a presentation on security issues related to IT would be made to the school board members.
The Minneapolis district has released an update on its investigation into whether personal information was compromised, and it has found no evidence of this.
However, the staff was tasked with resetting the passwords and guiding students through the procedure.
On Monday, as a result of teacher frustration, Callahan reported that teachers were having difficulties resetting student passwords. As a result, teachers had to come up with creative ways to come up with a wide variety of workshops and activities for the students since printers were also down.
There is a need for more transparency in the district's administration, according to Callahan. There does not seem to be anything else involved in this process other than just hoping everything works out by Monday.
Parents have repeatedly been informed that district officials have worked with external IT specialists and school IT personnel "around the clock" to investigate the root cause of this attack and to understand what is transpiring on the computer systems as a result of it.
When a cyberattack occurs at any time of day or night, school IT professionals are unavoidably overwhelmed and try to protect their schools constantly.
"They're going through a really tough time right now for a district and it's going to be a long process," he said.
Despite recent events that indicate Minneapolis schools may have been targeted, Wolfe said he believes it's likely that the schools have been targeted because of a 2020 incident that nearly caused the school district to incur a $50,000 loss. It is cyber fraud that occurs when payments are made to a fraudulent account to defraud a legitimate contractor.
Minneapolis Public Schools said in a statement that the money had been safely returned to the district. They added that additional protocols had been implemented as a result.
That incident was covered in a Fox 9 report that was published in February. In his testimony, Wolfe stated that a hacker engaged in a targeted attack is looking for vulnerabilities in a potential target.
Several stories have been reported in the news about staffing shortages in Minneapolis. These include the district's financial outlook, as well as the absence of a permanent superintendent in the district, Wolfe said. As Wolfe pointed out, even the fact that the district is preparing to launch a new website to the public may garner hacker interest.
"There is no doubt that this is an easy target to steal from because of all those digital footprints," Wolfe told.