Cyberattack in Albuquerque latest to target public schools

ALBUQUERQUE, NM (AP) — When the Superintendent of Albuquerque Public Schools announced earlier this week that a cyberattack would cause the cancellation of classes for about 75,000 students, he noted that the district’s technology department pushed back the attacks “for a few weeks.”

Albuquerque is not alone, as five school districts in the state have suffered major cyberattacks in the past two years, including one district that is still struggling with a cyberattack that struck just after Christmas.

But this is the first report of a cyber attack that has necessitated the cancellation of classes, all the more disruptive as schools attempt to maintain in-person learning during the pandemic.

“If it seems that I have come to your house often over the past two years to share difficult news, you are right. And here I am again, ”Superintendent Scott Elder said in a video address Thursday. “We find ourselves facing another challenge. “

The closures Thursday and Friday affect about one in five schoolchildren in New Mexico, in what is the 35th largest school district in the country in terms of enrollment, according to 2019 data from the National Center for Education Statistics. The district was one of the last in the state to reopen last year, as vaccines became available.

The small town of Truth or Consequences discovered a cyberattack on December 28 and still has not taken control of its computer systems.

“We’re not off the hook yet,” said Mike Torres, director of information technology for the school system of Truth or Consequences, a small town in central New Mexico.

The attack was not previously reported. It happened when the students were on vacation, allowing time to make contingency plans before the students returned. Torres says that although the attack “made the computer systems unavailable,” the disruption was minimal.

This was not the case in Albuquerque, where teachers discovered Wednesday morning they did not have access to the student information database that tracks attendance, records emergency contacts for students. students and determine which adults are allowed to pick up which students at the end of the school day.

In 2019, Las Cruces public schools also suffered an attack on their student information database, after a phishing attack tricked one or more employees into clicking a malicious link in an email. months ago, recalls Matt Dawkins, chief information officer for that district.

After hiding and exploring the district system, one or more hackers launched a ransomware attack. Data on many of the school’s computers, starting with the student database, was locked in encryption. A ransom was demanded in exchange for the key.

“It’s kind of like when your house is broken into, you know?” That feeling of being raped, ”Dawkins said in an interview Thursday as his school was closed due to an unrelated police call a mile away.

The school did not pay the ransom and eventually found a way to reset its data systems to the state they were in the day before the attack. But it took months of hands-on work and the extra expense of temporary Wi-Fi hotspots and new computers. Insurance covered much of the cost of the attack.

In the past two years, at least four other schools in New Mexico have been affected by costly cyber attacks, according to Patrick Sandoval, acting director of the New Mexico Public School Insurance Authority, which insures all districts in New Mexico to with the exception of Albuquerque.

Targets across the United States in 2021 included universities, hospitals and a major fuel pipeline. Data on the number of attacks and their cost is hard to track, but the FBI’s 2020 Annual Cyber ​​Attack Report says about $ 4.1 billion in damage was reported by institutions across the country this year. -the.

Dawkins added that if Albuquerque is faced with a ransomware situation, which has not been confirmed, it could face a more complex attack. Instead of holding information hostage, ransomware attacks now threaten to sell data to the highest bidder online. So student data in Albuquerque could not only be locked down, Dawkins said, but risk being shared with identity thieves and other bad actors.

Albuquerque Public Schools have not said whether the cyberattack they are facing is a ransomware attack, only that their student information database has been “compromised” and that it is working with them. law enforcement and contractors to limit the damage.

Whatever the cause, they faced a problem similar to that of Las Cruces in the days following the attack.

The database used to track attendance and other students was down. He also realized that laptops had to be quarantined and taken out of service, forcing teachers to work offline.

“Immediately our teaching department rotated with pen and paper, you know, kind of old school teaching, so our print shop was printing materials. The teachers were able to adapt very quickly, ”said Dawkins.

Albuquerque Public School officials did not elaborate on the decision to close schools and did not respond to inquiries Thursday about why a paper system was not possible.

The decision to continue classes at Las Cruces came at a cost. Dawkins said it probably took longer to wipe and reset the thousands of computers in the school while teachers and administrators worked normal hours, and they had to live without technology for weeks. and weeks.

By January 2020, the district’s computers were working again and on time, too – the pandemic forced teachers and students into distance learning a few months later.


This version corrects the CIO’s first name in Truth or Consequences to Mike, not Mark.


Attanasio is a member of the Associated Press / Report for America Statehouse News Initiative corps. Report for America is a national, nonprofit service program that places reporters in local newsrooms to cover underreported issues. Follow Attanasio on Twitter.

Leave a Comment