New Jersey school district forced to cancel final exams amid ransomware recovery effort

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,685
Tenafly Public Schools in Bergen County, New Jersey is in the process of recovering from a ransomware attack that began on June 2.

The school was forced to cancel final exams as they restore systems and address the incident, according to district communications manager Christine Corliss. Corliss told The Record that they initially noticed that their files were not able to be accessed normally last Thursday before cybersecurity experts were brought in to help. “It looked like our servers were not operating correctly, so they immediately shut everything down to isolate the incident and to begin investigating what was going on. Our servers were down and they needed to figure out why,” Corliss said.

Cybersecurity experts discovered ransomware on their systems and pulled in the FBI as well as state officials and the school’s cyber insurance provider.

The parent of a student at Tenafly Public Schools, who asked not to be named, told The Record that all of the school’s Google Classroom, grading and other systems were offline because of the attack. “Final exams have been canceled. We don’t know what’s going to happen with graduation. It’s seriously nasty. There is total radio silence from the administration and board. Presumably state and federal officials involved,” the parent said. Maria Prato, director of communications for the New Jersey Office of Homeland Security and Preparedness, declined to comment on the state’s response to the attack and directed all questions to the school district.

Corliss confirmed that final exams had been canceled because teachers were concerned that the tests, slated to start on Monday, would be unfair to students who had been locked out of systems with their notes for the whole week. Corliss said the school’s systems are still down and they are in the process of restoring it. They do have access to some parts of the system but their security experts are installing additional security software as they bring everything back online. “People do now have access to Google Workspace, Google Classroom, Google Drive and all of that. They can do their work that way. In the interim, the teachers and staff have been going old school, using projectors, paper and pencil, hands-on activities and projects to keep the curriculum going and the learning going,” Corliss explained.

“The kids kind of liked it because they aren’t used to the overhead projectors, so they thought it was cool. We did make the decision to cancel finals on Tuesday because the kids hadn’t been able to get to their Google Space, which is where their notes and reviews for finals would be. We did not feel that was fair and we didn’t want to increase their anxiety levels over this because they would have so much less time to review their work.” The school is now working with law enforcement agencies and the FBI to recover from the attack. Corliss did not have information about which ransomware group attacked the school. She could not say when the school will fully recover but noted that the recovery is “progressing well, so we expect soon.”
 

Trooper

Level 16
Verified
Top Poster
Well-known
Aug 28, 2015
775
i wonder what security tools they were using at the moment
Seriously. I bet it is Symantec but who really knows. Most times unless things have changed is the security product goes to the lowest bid, and/or from grants. I am curious to find this out myself if they end up releasing that information to the public.

SIde note: I worked in a college IT department between 2005-2008 so my information might be old but I would not be surprised if it is still the case.
 
  • Like
Reactions: gery79

gery79

Level 12
Verified
Top Poster
Well-known
Jun 21, 2011
567
Seriously. I bet it is Symantec but who really knows. Most times unless things have changed is the security product goes to the lowest bid, and/or from grants. I am curious to find this out myself if they end up releasing that information to the public.

SIde note: I worked in a college IT department between 2005-2008 so my information might be old but I would not be surprised if it is still the case.
either mcafee or trend micro
 
  • Like
Reactions: Trooper

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top