By Bobby Stilwell, WHNT News 19 | Featuring David Jarmon, VP, Cybersecurity and DevOps
HUNTSVILLE, Ala. – Huntsville City Schools shutdown operations and dismissed classes early Monday after a ransomware attack. Schools in the District will remain closed on Tuesday, Dec. 1.
Huntsville City Schools is urging anybody with district-issued technology to shut down the devices and keep them off until further notice. Additionally, HCS advises everyone to avoid logging into any HCS platform.
News 19 spoke with a Huntsville-based cybersecurity expert who said the District appeared to be handing the aftermath of the hack properly, and added that no network security system is completely foolproof. “Most of the time you see things through email, through phishing attempts, things like that. You know, an employee just clicks on the wrong link,” said David Jarmon, Vice President of Cybersecurity for Gray Analytics.
“Essentially, as part of a ransomware attack, they essentially try to hold on to your information, try to change the passwords so that you as an organization can’t access it, and then charge you a ransom in order to regain access to it,” said Craig Williams, Chief Communications Officer for HCS.
The school system was alerted to the cybersecurity threat after a large amount of calls to the IT desk.
“When we started seeing that number of calls on a Monday morning, we realized something must be weird, something must be happening, so our IT team immediately worked to identify and they discovered it does appear to be a ransomware attack,” said Williams.
“If they found it this morning, what they’re likely doing is triaging, and they’re trying to inform where the point of entry and how it occurred. Sometimes if it’s less sophisticated, that’s not very difficult to determine. If it’s more sophisticated it can take more time,” said Jarmon.
Williams said when they found out about the attack, HCS immediately alerted the State Department of Education, as well as local and federal authorities.
Students throughout the district were sent home within a matter of hours. Williams says the students were sent home for risk mitigation.
“When we have other people, off of our network, off of our platforms, off of both issued-district devices, as well as our platforms that involve anything online really, it helps us try to pinpoint the potential issue,” he said.
Williams confirmed Huntsville City Schools utilizes security systems such as firewalls and antivirus systems to prevent these types of attacks.
“Ultimately, it just takes one person that knows what they’re doing relative to hacking or relative to cybersecurity in order to get passed the barriers that are put in place,” he added.
The district has not released what information was compromised during the attack, but they say they are working with authorities to investigate all possibilities.
HCS is working with authorities to resolve the issue.
Source: WHNT News 19