After a rash of cyberattacks upon several Louisiana school districts, the St. Charles Parish Public School system acted quickly last week in an attempt to head off suffering a similar breach.
The district carried out several state-mandated tasks to prevent the same kind of malware attack that stuck Tangipahoa, Sabine, Morehouse and City of Monroe school districts over the past several weeks, included among those tasks an internet access shutdown on July 30 that lasted into the next day and kept other internet-based systems, like the PowerSchool Parent Portal, down into Aug. 2. For a time, district employees weren’t able to receive emails from anyone outside of the school system. The Parent Portal is utilized to submit back-to-school paperwork.
The tasks were necessary, though, because the consequences to falling victim to such an attack would carry much further, a reality recognized by Governor John Bel Edwards when he issued a State of Emergency declaration in response to the issue last week.
The malware attacks reportedly encrypt files within a system and leave them inaccessible.
It leaves, potentially, the only response being to rebuild the system to get things running again as soon as possible. Depending on how deeply infected the system is, says St. Charles Parish schools Director of Informational Technology Services Stephanie Steib, that can be a tall order.
“From what I understand, one of the districts had all their data files encrypted, including their backups, leaving them very little to start with to get back up,” Steib said.
Since the initial instances took place, Steib and other district representatives have been conferencing with the Governor’s cyber security team in an effort to strengthen security measures. Last week’s mandated list of tasks was issued the morning of July 30, with the district left with the option of when to carry out the directives.
“We worked with our Superintendent (Ken Oertling) and our leadership team and decided to go forward with it that day,” Steib said. “We didn’t wait very long.”
That protocol followed several preliminary recommended actions of the state, some the St. Charles district already had in place, others that were put into action following the advisory.
Time was of the essence not only because it could prevent a cyber attack, but it could also potentially immunize the district from one that could already have taken place, in theory – in some cases, this malware can stay dormant on a system for up to three months, Steib said.
While the measures have decreased the chances of being victimized, Steib cautioned that in no way does it mean the district is immune. As technology evolves, so do these attacks and so must defensive measures.
“All of it was preventative to put us in the best possible position to defend an attack,” Steib said. “You can never be 100 percent, though. It’s definitely a challenge to stay ahead of it, because you can never be sure what form it will take or where it will come from.”
Ultimately, the greatest defense – or vulnerability – comes down to the district’s employees. Most of these kinds of attacks come from phishing e-mails that can infect a device and/or system once accessed.
Because of this, St. Charles district employees go through training and receive weekly updates as part of the KNOWBE4 program. Emails sent out include security tips and information on the “scam of the week.” There’s also software included that sends out fake phishing emails to employees, informing the district office who may have clicked on the email and thus, in theory, could fall into such a trap.
“At that point we can contact them and make sure they understand what could happen if that hadn’t been a pretend e-mail,” Steib said. “Phishing e-mails can take a different face and you have new employees coming in, so you have to make sure everyone is aware of what to do.”