Ransomware attack on APS is now resolved

Copyright © 2022 Albuquerque Journal

The cyberattack that forced a two-day class cancellation last week at Albuquerque Public Schools was actually a ransomware event in which there was some kind of extortion demand. But APS officials do not say what was requested.

During a virtual press conference Tuesday evening, APS Superintendent Scott Elder confirmed the ransomware attack, but said the district had been advised by the FBI and cybersecurity experts not to provide specific details during further investigation, including the possible source of the attack.

He said “it’s not uncommon for these attacks to come from outside the United States.”

The attack on the student information system was discovered by teachers and administrators on January 12, forcing the cancellation of classes for the next two days. Last Monday was Martin Luther King Jr.’s National Day, so there were no classes scheduled.

“I’m proud to say that students and staff returned to classrooms (Tuesday) after finding a workaround that allowed us to take attendance, contact families in case of emergency and s ‘ensure students leave campuses with authorized adults,’ which is the primary function of the SIS system, Elder said. “Even better news, as of 4:30 p.m. (Tuesday), our team was able to restore our main student information system, so starting tomorrow, we won’t even have to use the workarounds.”

APS Superintendent Scott Elder.

Elder said no other computer systems within APS were affected, and he pointed out that “at this time there is no evidence that information about staff, students and families has been affected. been compromised”.

Asked what the district is doing to prevent future cyberattacks, Elder said he could not provide specifics, but he noted that the district’s information technology department had requested an emergency supply of up to $300,000 to restore the SIS system and get help.

“We have state agencies helping us, but some of this work is incredibly complex and very specific, and there was time pressure because we really wanted to get the kids back to school,” he said. -he declares. “Private security companies offer a level of expertise that really makes a difference in this type of work.

One thing this cyberattack makes very clear is that “someone intentionally, aggressively, and very publicly attempted to harm our school community,” Elder said. “We must assume that this entity is always monitoring our every move, and as good stewards of your taxpayers’ money, we cannot release information that aggravates or prolongs our current situation or the investigation.”

And that’s a big part of the problem, he said. Targeted school districts are advised not to talk about the attacks or share information because “they might share vulnerabilities or spread information that doesn’t help.” Therefore, school districts cannot learn from each other, he said.

Because this is an issue that affects large and small school districts nationwide, Elder suggested that some sort of state and federal task force be convened “to examine how they fund and provide resources to IT teams, so that we are better informed and have at hand the resources we need to protect this information.

Relying solely on school districts to solve this problem, Elder said, “I think it’s going to be difficult.”

Comments are closed.