Baltimore County Public Schools administrators have closed schools through at least Tuesday, after a ransomware attack discovered last week locked 115,000 students and their teachers out of their online learning platforms.
“Our focus today and for Monday and Tuesday is identifying and addressing student and staff device needs so that instruction can continue,” the school system said in a Sunday Twitter update.
The system also tweeted that students can safely use their BCPS-issued Chromebooks and BCPS Google accounts for students, which were not affected by the attack. But school officials also pleaded, “Please do not use BCPS-issued Windows-based devices until further notice.”
Free student meals will still be available to students this week.
Ransomware attacks are similar to break-in theft: the school system’s digital networks have been locked away with a key that only the thieves have, as if they broke into district headquarters, stole every district document and stashed them in a warehouse only they can access.
Ransomware software encrypts a network’s digital systems; only the hackers have the virtual key to unlock them. Hackers typically ask for money to unlock the systems, though they may not unlock them after receiving the ransom, and some hackers seek to sow chaos rather than receive a payment. The attack on BCPS has shuttered the district’s grading, email and attendance systems, and is especially grievous as BCPS classes remain online indefinitely due to the coronavirus pandemic.
The district first closed schools last Wednesday morning shortly after discovering a ransomware attack. Administrators had hoped the Thanksgiving holiday would give them additional time to address the digital breach, but cybersecurity experts say the damage of such attacks can completely shutter systems indefinitely, unless proper backups of those systems exist.
School systems are not traditional ransomware targets, but at least 30 across the nation have been hit since the pandemic began.
“Everybody is now using either Zoom or Microsoft teams or some form of remote communication, and that includes schools,” said Avi Rubin, a computer science professor at Johns Hopkins University..
“If the attackers are able to exploit vulnerabilities in these videoconferencing systems and platforms, they can really do a lot of damage to the educational system and the educational process,” Rubin said.
School and local officials declined to provide specifics of the attack at a news conference last week, citing an ongoing investigation that includes local and state police departments as well as the FBI.
The district will provide daily operations updates at 5:00 p.m. on its social media channels, as the school’s email system remains inaccessible.