School districts work to combat computer viruses, hacking

March 7, 2019 GMT

RIGBY, Idaho (AP) — School officials in Idaho are working to combat the ever-growing rise of computer viruses and hacking of school data.

School districts are easy targets for viruses and malware due to their “innocence” and the public thinking school districts have “deep pockets,” said Keith Scholes, the director of technology for Jefferson School District 251.

“There’s always anxiety in trying to keep ahead of (technology),” said Scholes, who has worked in the Jefferson School District for nearly 35 years.

Scholes said Jefferson County School District uses two programs, Sophos and EdgeWave, to help catch malware and viruses in emails and across electronic devices tied to the district.


EdgeWave can check and scan emails for malicious intent — and can delete the email in every folder in the district if malice intent was found by the program.

Ransomware attacks lock and encrypt victims’ computer data and then demand a ransom to restore access, the Post Register reported Tuesday.

There were at least 1,783 ransomware attacks reported in 2017, according to Norton, a computer security company.

Idaho Falls School District 91 was recently hit by a Trojan virus, affecting 13 users’ accounts, said data privacy attorney Matthew Toldero.

The Trojan virus was designed to spread and grab usernames, said cybersecurity consulting firm Kroll.

District 91 hired Kroll to investigate the attack.

District 91, in response to the attack, “performed password resets on all affected accounts, increased account lockout rates, and reduced privileged account usage throughout the network,” according to a public records request.

“IFSD changed passwords across the entire environment and notified the entire staff in an abundance of caution,” Toldero said in an email.

Other school districts recently hit by major virus attacks include Teton, Blackfoot and Madison school districts, though schools’ cybersecurity is challenged almost daily.

Idaho Governor Brad Little budgeted $50,000 for “statewide cybersecurity training” for the 2020 fiscal year budget and called phishing the “largest cybersecurity threat to the state.”

The Idaho Technology Authority, created by the state government in 2013, provides “good online safety habits” and data breach checklists online. The “incident reporting” tab was unavailable as of Tuesday.


Information from: Post Register, http://www.postregister.com