Cyber security threat cancels the first day school at Monroe-Woodbury

The Monroe-Woodbury Central District delayed the opening of the 2019-20 school year by a day after discovering a cyber security threat to its computer system.

Although the extent of the threat is not yet known, Superintendent of Schools Elsie Rodriguez said the quick action to shut down the district's 60 servers was critical in preserving the data affecting more than 7,000 students as well as those for teachers and staff.

"As part of the district’s regular security protocols, all data is backed up on site and off site on a daily basis," Rodriguez said in the statement sent to parents on Tuesday. "Currently the district’s computer network is shut down as our technical team works in conjunction with cyber security consultants to facilitate restoration of the district servers. At this time we are unsure how long the restoration process will take. We will not know the full impact to the district’s systems until restoration is complete."

In an interview Wednesday, Rodriguez described the incident as a cyber threat, rather than an attack, because the district's assistant superintendent for technology shut down all 60 of its servers at about 5 a.m. Monday morning - or as soon as there was an inkling something was amiss.

According to protocols, the district contacted the FBI, Homeland Security, Orange County BOCES, two state agencies and its insurance carrier.

'Old School'

The carrier immediately dispatched a forensic assessment team, which includes one investigator on site at the school district and others off-site.

That assessment could take as long as two weeks.

And that means no use of devices, no White Board, no WiFi for that time.

“We’ll be taking attendance on paper tomorrow,” Rodriguez said about Thursday’s rescheduled opening day school. “Old school.”

The superintendent added that she was confident that teachers would teachers and students would learn. “There may be even more communication within the devices,” she said.

Rodriguez said the district has been pro-active in protecting its information. She estimated the district has spent about $175,000 on hardware, software and firewalls over the last four years.

But, she noted, that money does not cover the salaries of the technical staff charged with keeping things running. Nor does the state provide any aid for its mandates regarding cyber security.

Attacks elsewhere in the state

A story just this week appearing on the web site for the New York State School Boards Association reported that five school districts in the state had been attacked with a computer virus known as Ryuk in July and August.

Those districts were Lansing, Mineolo, Rockville Centre, Syracuse and Watertown.

According to the School Boards Association report:

“Usually a demand for a ransom, payable in Bitcoin, is embedded in files installed by the virus, which encrypts files and blocks user’s access to computer systems

.“No ransom demands accompanied viruses in the Lansing, Mineola and Watertown districts, according to superintendents. But Rockville Centre hackers extracted $88,000 - all but $10,000 paid by the district’s insurance company, according to a detailed Q&A document posted on the district’s website."

Because no file was opened, it's unknown if the threat to Monroe-Woodbury was similar to those other districts.

Rodriguez offered this perspective on how this was not exactly how she anticipated the school year to begin:

This, she said, "is not the Bahamas."