author photo
By Bruce Sussman
Thu | Jan 2, 2020 | 8:54 AM PST

A group of students, parents and, teachers got some unexpected news to start the new decade: the holiday break is being extended because of a cyberattack.

Perhaps it is a sign of the decade to come. 

Ransomware attack against Michigan Schools

Richmond Community Schools outside Detroit posted an urgent and highlighted message on its website:

ransomware-richmond-highlight

"Over the holiday break, "several district servers were "attacked" by a Ransomware virus. The virus affected critical operating systems in the district, including but not limited to heating, telephones, copiers, and classroom technology."

The district claims in bold letters on its website:

"No student or staff information has been compromised."

It then announced that although schools were supposed to resume Thursday, January 2, 2020, it was canceling the return to school until Monday, January 6.

And it canceled everything happening at school buildings. This notice from the district Facebook page says the boys' basketball games are postponed:

ransomware-richmond-basketball-game

At least they included the #HappyNewYear hashtag to make the news seem more festive.

Bipartisan bill in Congress trying to protect schools from ransomware

Attacks like these are a frequent topic of discussion at regional SecureWorld cybersecurity conferences and now, in Congress.

U.S. Senator Gary Peters from Michigan (a Democrat) recently teamed up with Senator Rick Scott from Florida (a Republican) to introduce legislation aimed at helping schools defend themselves against cyberattacks. It's called the K-12 Cybersecurity Act of 2019.

"Schools across the country are entrusted with safeguarding the personal data of their students and faculty, but lack many of [the] resources and information needed to adequately defend themselves against sophisticated cyber-attacks," said Peters.

"This common-sense, bipartisan legislation will help to ensure that schools in Michigan and across the country can protect themselves from hackers looking to take advantage of our nation’s cybersecurity vulnerabilities."

The act would direct the Cybersecurity and Infrastructure Security Agency (CISA) to create specific guidelines and best practices around cybersecurity for schools and how to approach implementation.

Based on the number of successful cyberattacks against school districts, it appears that many district IT teams could certainly use the help.

Comments