School Year Extended After Cyberattack on Iowa School District
The school year is being extended for public schools in Des Moines, Iowa, after a cyberattack forced them to close.
On Jan. 9, Des Moines Public Schools (DMPS) was alerted to a cybersecurity incident on its technology network. It then canceled classes on Jan. 10.
In an update, the school district said it made significant progress in restoring some systems so classes could resume on Jan. 12.
“Students should expect an offline learning experience until further notice as internet access and other networked resources will be limited,” it said.
Dirk Schrader is vice president of research at Netwrix. He said the incident is one more event in a long list of attacks on K-12 institutions in the United States and around the globe.
“Just a few days ago, 14 schools in the United Kingdom were hit by a cyberattack attributed to a group called Vice Society, leading to the loss of personal information of pupils and staff,” he said. “Vice Society is also behind a range of other attacks on schools in the United States and the United Kingdom, with the FBI issuing a joint alert about the group. A recent U.S. Government Accountability Office (GAO) report lists phishing, ransomware, distributed denial of service (DDoS) and attacks on video conferencing systems as the major targets. But in today’s interconnected world, there are many more networked systems that can potentially be impacted by a cyberattack on a school’s core infrastructure.”
For staff, students and parents, as the data usually held by a school includes sensitive information, an incident response plan should be prepared, Schrader said.
“What accounts and email addresses were used in relation to school activities?” he said. “Were the passwords for these reused somewhere else (worst case scenario for a security professional)? As financial data might be affected, credit monitoring should be considered as well.”
The incident is also another prominent reminder for everyone to stay vigilant with personal data and the accounts in use, Schrader said.
“It’s wise to enable multifactor authentication (MFA) if possible, using a password management solution, or, generically, be savvy about your data, your digital identities and your devices,” he said. “This will help in advance for a likely wave of phishing attempts following such an event, even if no data has been exfiltrated at all.”
