How hackers held a district hostage for almost $10,000

Think ransoms are only paid out to rescue victims of kidnappings? Think again.

Imagine walking into your office one morning and finding some (or all) of your district’s computer files “padlocked” and inaccessible. In the corner, a masked man is standing with his hand out, demanding an $8,000-$10,000 ransom payment. When he gets the money, he’ll hand over the key to the padlock. If you choose not to pay, then you’ll spend the next few months trying to pick the lock while teachers, students, and administrators are forced to work without their modern technology.

This is essentially what happened to Horry County Schools (HCS) of Conway, S.C., earlier this year. On February 8, hackers used ransomware, a type of malicious software designed to block access to a computer system until a sum of money is paid, to lock up the district’s data with high-level encryption. The criminals then held that data for ransom and demanded the district pay nearly $10,000 via Bitcoin for the encryption key.

Charles Hucks, executive director of technology, says the district had experienced a few breaches during the months leading up to the attack, but nothing of this magnitude. “A few devices of teachers were hit and some of their local files were encrypted,” says Hucks. “In some cases network-based files on individual directories were also encrypted, but the impact of those attacks was very limited. They were isolated incidents.”

What happens when student hackers shut down a district’s internet?

Denial of service attacks can shut down internet access and leave IT teams powerless

When Jeff McCune noticed that his district’s 500 Mbps internet connection was full, he knew something was amiss. When he investigated further and saw that the traffic was coming in from Internet Protocol (IP) addresses in China, Australia, and the Netherlands, McCune realized that the problem was more than just a random overload or ISP outage.

“I was seeing 550 Mbps of traffic coming from a single link and that pushed our usage up over the 10 percent cushion” allowed by its main service provider, said McCune, a network analyst with St. Charles Community Unit School District (CUSD) 303 in St. Charles, Ill. “There was no way anyone from China would surf the website of a school district in Midwestern America that hard.”

To McCune, it appeared the CUSD was being hit by a full-blown Distributed Denial of Service (DDoS) attack. The hackers cut off the entire district’s internet access for four hours at a time and then repeated the process 10 more times over the following six weeks during the fall of 2014.