Don't mess with Smyth County, Virginia

Published today in The Roanoke Times:

By Linda Burchette Smyth County News & Messenger

Smyth County’s school system was hit by a ransomware cyberattack last month that temporarily paralyzed its computer network and prompted an FBI investigation.

Terry Hawthorne, director of technology for Smyth County schools, said the division was installing new anti-malware software and moving to a cloud-based system this week.

The move to the cloud had been planned by the administration just prior to the attack, and now has been accelerated.

Governments across the country have been bolstering their defenses against malware that can lead to ransomware attacks after several high-profile cases, including in Baltimore and Atlanta, of hackers seizing control of government computer networks, encrypting data, and demanding a ransom to unlock it.

In Smyth County, security consultants are checking for any data breaches, Hawthorne said, although there is no evidence any data was taken.

“They weren’t in there very long before we discovered it,” Hawthorne said.

Superintendent Dennis Carter said officials do not believe any personal identifying information was taken.

“Instead, much like a classic bank robbery, we are being ‘held up’ and asked to pay big dollars to allow us to regain access to our data. We are going to use our data backups to rebuild our servers, rather than pay the ransom,” he said.

The ransomware attack of the Smyth County school system was discovered Sept. 23. Staff at the central office — where the attack was centered — discovered the message on their computers when they came to work.

The attack did not spread an infection, Hawthorne said. It disrupted the Windows system, only part of the system’s thousands of computers. Most of the system, especially computers used by students, are Chrome devices.

When the attack was discovered, payroll was an immediate concern, Hawthorne said, but it was quickly resolved and employees were paid on time.

For several years the schools have operated on a cloud-based payroll and accounts payable system, so it was easier to retrieve the information for the bank.

Carter said the school system was unable to contact parents electronically about the issue so he wrote a message and copies were provided to every student to take home.

“We won’t pay the ransom because it just encourages criminal behavior,” Hawthorne said. “I would advise anyone. Don’t pay it.”

Amen!