HOUSTON COUNTY, Ala. – Huntsville City Schools announced it was the target of a ransomware attack Monday. School has been closed as the district navigates this challenging situation.
Huntsville City Schools is not the first district in the state to be the target of a cybersecurity attack. Houston County Schools were the victim of hackers in 2019.
The South Alabama school system says it never received a ransom note. District officials call it a malware attack. The incident had some serious implications for district.
It happened in the summer of 2019 and forced them to push back their school start date and cost them an estimated $50,000 according to Superintendent David Sewell.
On July 24th, 2019 the folks at the Houston County Schools noticed something was wrong with their network.
“Everything was crashing. We couldn’t get on websites,” Sewell remembered.
The district was the target of a malware attack that essentially shut them down.
“Our servers all were locked out,” said Bob Blalock, HCS technology coordinator.
It took a few days just to get the phones up and running again. The school system had to completely reformat and rebuild its network. They also had to scan every device in the district. Sewell says they still found evidence of the attack long after it happened.
Students were supposed to come back to school August 8, but class didn’t begin until September of 2019.
“We had to start with keeping roll with pencil and paper and we had to go back to the old school way of doing things,” Sewell said.
Jay Town, former US attorney for the Northern District of Alabama, says ransomware attacks are becoming more common, up an estimated 300 percent in the last couple years alone.
He says navigating an attack means answering tough questions.
“First its analyzing what critical data has now been encrypted, how valuable is that data, how valuable is the disruption in business per day, per hour, per week? and then divide that by the amount of money that is being demanded and that’s sort of how you make your decision as to whether or not you pay this ransom,” Town explained.
Getting information back can be more difficult depending on the sophistication of the ransomware.
Monday Huntsville City Schools announced it was the target of a ransomware attack and asked everyone with a district device to turn it off until further notice.
“I think what the indicates is that there is a level of sophistication to this ransomware attack. They might believe if you were to say get on your at home wifi network or your virtual personal network at home that the ransomware itself might extend into your own personal network,” Town stated.
It took Houston County Schools 8 weeks to get back to normal. Sewell says they say they consider themsevles lucky and he has a message to other school systems.
“Dont say it’s not going to happen to me because it can and it will,” Sewell said.
Officials from the Houston County district say they were able to get their information back, but they had backups saved on other servers. Superintendent Sewell says law enforcement officials who investigated the incident do not believe any of the district’s information was compromised during the attack.