Cyber attack at Lincoln County School District under investigation

Published 7:40 am Tuesday, November 5, 2019

An investigation by multiple agencies is underway after the Lincoln County School District became the victim of a cyber attack Monday.

Superintendent Mickey Myers confirmed the attack late Monday night in a written message.

“The district computer systems have been encrypted by a ransomware virus. This cyber attack has adversely affected multiple systems in our network. We are investigating the incident with numerous agencies and will provide more information as soon as possible,” he said.

Subscribe to our free email newsletter

Get the latest news sent to your inbox

District protocol requires that the FBI is contacted in such an event, however, Myers could not say if the incident is being investigated by the federal agency.

“We have consulted numerous agencies regarding how to proceed with this cyber event,” he said.

The district posted Monday during school hours that it was experiencing a network outage that affected phone systems and internet communication at the schools and that the district’s technology department was working to correct the problem. The Lincoln County School District includes Bogue Chitto, Loyd Star, Enterprise and West Lincoln attendance centers. Each campus includes kindergarten through 12th grade.

Ransomware is technically not a virus, but a malicious software that encrypts files on computers or can lock the user out of the system. Viruses infect files or software and have the ability to replicate, but ransomware scrambles files and renders them unusable, and the hacker demands a monetary payment to restore use of the system.

In July, Louisiana Gov. John Bel Edwards issued a statewide emergency declaration in response to an ongoing cybersecurity incident that affected several government agencies, according to the governor’s official website. That declaration made available state resources and allows for assistance from cybersecurity experts from the Louisiana National Guard, Louisiana State Police, the Office of Technology Services and others to assist local governments in responding to and preventing future data loss.

The cybersecurity incident impacted school systems in Sabine, Morehouse and Ouachita parishes in North Louisiana.

The Governor’s Office of Homeland Security and Emergency Preparedness activated its Crisis Action Team and also the Emergency Services Function-17 to coordinate the response to this cybersecurity incident and coordinated with the FBI, state agencies and higher education partners.

“The state was made aware of a malware attack on a few north Louisiana school systems and we have been coordinating a response ever since,” Edwards said in July.

In September, a Pennsylvania school district was hit by a ransomware cyberattack. The Souderton Area School District was hit by a malware attack Sept. 1 just after students returned to class after summer break.

According to the Associated Press, cyberattacks have crippled organizations from large to small, including recently crippling nearly two dozen Texas cities and hitting Philadelphia court systems earlier this year.

The attacks, which have been happening for years, can set governments back decades. Libraries can’t use electronic checkout systems. Police can’t access electronic records, and utility bills must be paid with paper checks rather than online.

Agencies that fail to keep reliable backups of their data could be forced to choose between paying ransoms or spending even more to rebuild lost systems, the AP said.

The Souderton district would not reveal the impacts, if any, on the 6,380 students enrolled across Souderton’s high school, two middle schools and six elementary schools.

According to ZDNet, a business technology news website published by CBS Interactive, ransomware infections hit over 500 US schools in the first nine months of the year.

It said a report by Armor, a security service company that provides cloud security and compliance solutions for small businesses and enterprises, said it found and tracked ransomware infections at 54 educational organizations like school districts and colleges, accounting for disruptions at over 500 schools.