Oxford School District Recovers from Ransomware Attack

A little over a month ago on Sunday, February 7, Oxford School District (OSD) underwent a criminal crypto-ransomware attack early morning. The school has now largely recovered its files despite not paying the ransom of around $9,000.

Superintendent Brian Harvey

OSD Superintendent Brian Harvey said, “We did not pay any ransom. I don’t know that it was a joint decision (to not pay). I guess it was my decision to not pay the ransom because we were able to recover the items that had been encrypted. Basically, we restored them from a backup.”

The school district has recovered its websites, the cafeteria system as well as PowerSchool and Schoology. However, the damage was extensive.

“I can’t put a specific number on how much data we lost,” Harvey said. “I can say that we lost almost all of our Windows-based servers and the main thing is we had to wipe everything clean and restore from a backup which included doing all of the setup and everything else. So, yes, it was a big deal.”

Harvey explained that OSD lost internet access for a little over a day, and that the first four days were spent recovering the grade book system. He said the progress reports were also delayed, and the ransomware hindered the school’s application process for those seeking to work in the school district.

“The website was down for approximately a week and a half, almost two weeks,” Harvey said. “So, although the encryption didn’t impact our application process, the fact that you couldn’t get to the link that took you to our application process; basically it shut that down for two weeks as well.”

The Oxford police department and FBI are currently investigating this criminal hack. The OSD faculty and staff will learn to be more prepared for potential hacks in future, and in the meanwhile the school district has focused on restoring the files.

“What I discussed at the last board meeting was that our focus has been on restoring our files and we’ve made a few settings changes to try to keep this from happening again,” Harvey said. “But we’ve really kept our focus on getting our files restored and programs and processes restored. Also, we’ve done a lot of investigation on if it were to happen again; what are the things we need to have in place so that we can get back up and running sooner.”

Although the school district was largely successful in recovering from the criminal hack, the process was lengthy. OSD is not the first institution to fall victim to ransomware.

This week, Money CNN reported that Palo Alto Networks, a network and enterprise security company, reported ransomware to Apple last Friday after spotting it on OS X. Reportedly, Palo Alto said this is the first time a fully functional version of ransomware has been detected in Apple’s operating system.

The U.S. Computer Emergency Response Team (US-CERT) provided the following steps on its website:

• Perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process. Ideally, this data should be kept on a separate device, and backups should be stored offline.
• Maintain up-to-date anti-virus software.
• Keep your operating system and software up-to-date with the latest patches.
• Do not follow unsolicited web links in email.
• Use caution when opening email attachments.
• Follow safe practices when browsing the web.

Callie Daniels Bryant is the senior managing editor at HottyToddy.com. She can be reached at callie.daniels@hottytoddy.com.

Follow HottyToddy.com on Instagram, Twitter and Snapchat @hottytoddynews. Like its Facebook page: If You Love Oxford and Ole Miss…