A school district and community college in Massachusetts are struggling to recover from ransomware attacks that have crippled their digital systems.
Bristol Community College said it discovered a cyberattack on December 23 and immediately launched an investigation after hiring a cybersecurity firm. The college is still determining whether personal information was accessed or stolen.
On Tuesday, the college said some services are now available in person or over the phone but information systems are still limited.
The college urged students and employees to change all passwords, including those used for bank accounts, credit cards and other financial institutions. Several systems used by professors are not available, nor is campus WiFi. There is no network access at any locations at the college, although school resumed on Tuesday.
The school has about 11,000 students and several campuses across Southeastern Massachusetts – all of which were affected by the attack.
The school initially said on Monday the cyberattack “involved ransomware encryption” but later removed that phrasing from their statement.
Only a few miles away, Swansea Public Schools Superintendent John Robidoux told students and parents on Tuesday that classes would be canceled Wednesday at several K-12 schools in the district following a ransomware attack.
“Due to a ransomware attack, our network is shut down. School is canceled tomorrow 1/4/23. Principals will be sending one call and the cancellation will be posted on news stations this evening,” he said on Twitter.
“Transportation will still be provided to students attending out of district special education schools on 1/4/23. The cyber security company, with whom we contract, is working today to ascertain the extent of the attack on our network. More info will be shared once we have a clearer picture.”
The outages include Joseph Case High School, Joseph Case Junior High School, E.S. Brown School, Gardner Elementary School, Mark G. Hoyle Elementary School and Joseph G. Luther Elementary School.
In a letter sent to parents, the school said they don’t know how long the outages will last but explained that the loss of network access “impacts a significant portion of the school day and is much more than just the students using Chromebooks.”
“There are countless areas of the school that rely on the network either for functioning or for communication, including our copiers and telephones,” the letter said. “We do understand that this is an inconvenience and the district is working diligently to get this worked out so our students can be back in school as soon as possible.”
The school said on Wednesday that classes will resume on Thursday after a cybersecurity company, in collaboration with the district’s IT Department, “was able to remove any viruses, worms and ransomware on the network and add additional security measures.”
“It is believed that this attack occurred due to an encrypted download that was run by someone within the district, but is not believed to be malicious,” the school said.
Robidoux later said that he was thankful the district had security measures attached to their network “that prevented a much larger issue from occurring.”
NBC10 Boston Investigators found in 2021 that at least one in six Massachusetts communities had been infected by ransomware in the past, and at least 10 paid hackers taxpayer money to unlock their files.
Emsisoft threat analyst Brett Callow said 45 school districts in the US were impacted by ransomware in 2022 and at least 24 of them had data stolen.
The attack on Swansea “is the first incident of the year (to come to light.),” Callow told The Record.
Last year saw dozens of colleges attacked by ransomware groups, including community colleges like College of the Desert in California, Kellogg Community College in Michigan and North Idaho College. Callow said at least 35 colleges and universities in the U.S. were hit in 2022.
Savannah College of Art and Design was attacked in September while Austin Peay State University sent out urgent messages to students and faculty in April warning of a ransomware attack affecting the school’s systems. North Carolina A&T University, Florida International University, and Stratford University are just a few of the other U.S. schools attacked with ransomware this year.
The FBI said in May that Russian cybercrime forums are teeming with the network credentials and virtual private network accesses of employees from U.S. colleges and universities.