Northshore School District (NSD) servers were hit with a “significant cyber attack” that rendered many systems non-operational.
The NSD technology department learned of the attack the night of Sept. 20. There is no evidence that any student, family or staff data has been compromised, according to the district.
“Out of an abundance of caution,” the district shut down other systems to prevent additional impact, according to a press release. Examples of systems that are currently non-operational include student data and business systems as well as some phone and voicemail services, according to NSD.
The district’s phones, food service payment system and Synergy/ParentVue/StudentVue took a hit. The district said full breakfast, lunch and milk will be served, but no a la carte snacks, beverages or entrees until the servers are back up and running.
“We are working with law enforcement and industry experts to continue investigating and to remedy the situation as quickly as possible, but anticipate that outages will likely be several days in duration,” NSD said in a release.
As of Wednesday, Sept. 25, the district said the phone system has been restored. Email services has remained operational. Synergy/ParentVue/StudentVue and food service system are still down.
“The good news is that phones and voicemail are back up and we expect many other systems to be restored in the next two-three days, including both Synergy and the food service systems,” NSD Superintendent Michelle Reid said in her Thursday Thoughts district blog on Sept. 26. “However, a number of systems that usually support our day-to-day learning and business are still down. We are implementing solutions for all impacted systems, but they will take a bit more time. Prioritization of the work on these and other major systems is critical to successfully and fully restoring all of our services.”
District staff are continuing to work directly with law enforcement and consultants to find solutions, this is still an active investigation.
NSD is one of many school districts nationwide that have had a cyber attack.
In 2018, there were 122 publicly disclosed cybersecurity incidents affecting 119 public K-12 education agencies across 38 states, according to The K-12 Cybersecurity Resource Center.
One of the most common causes for a cyber attack is spear phishing emails.
University of Washington Bothell (UWB) cyber security and privacy professor, Marc Dupuis, said spear phishing may have been the cause of NSD’s cyber attack.
“[Spear phishing] is something targeted and specific,” he said. “They’re emails that look completely safe that ask the recipient for some kind of access to a specific system.”
Dupuis said the cause of the cyber attack may also have been ransomware.
“It’s easily one of the most common form of cyber attacks,” he said. “The hackers get in the system and then threaten to destroy the hard drive unless you contact them and pay to save your system…It usually comes up as a pop up that you click.”
According to NSD, no ransom has been sent to the district at this time.
Dupuis said people and organizations can avoid cyber attacks through more education and system back ups.
“People are the weakest links in cyber security,” he said. “Going forward, providing more education and training for all staff and faculty may prevent another cyber attack happening again in the future…No one’s ever 100 percent secure but the more you know, the more you can be prepared.”
NSD has released its information about the cyber attack on its website, as well as updates, phone numbers and resources.