OKLAHOMA CITY – A local school district announced that its systems are ‘fully operational’ after a recent ransomware attack.
On May 13, Oklahoma City Public Schools stated their network was “significantly compromised by a form of malware” and that the issue was “continuing to worsen.” The next day, an updated statement from the district confirmed it was a ransomware attack.
Brett Weber, a professor of cyber-security, told News 4 ‘malware’ stands for malicious software and can disrupt services.
“Maybe not only disrupt, but also delete. I mean, it’s going to do something not good,” Weber said. “A malware is designed to just inflict its damage on anybody, anywhere, anytime.”
Weber said ransomware does disrupt service. The difference is, it typically doesn’t delete data and would be harder for someone to recognize an infiltration in the system. Generally speaking, he said it involves a higher-skilled hacker.
“They’re going to hold your computer system or network hostage, so to speak. Hence, the term ‘ransomware’ until you pay the ransom,” he explained. “If you don’t, then they may say you’re going to be down for so many days or it’s a time limit, or you just have to figure how to get rid of it and go back and reinstall everything and get up to where you were before the attack happened.”
OKCPS officials confirmed that district employees have been asked to not use their emails while the situation was being addressed to help limit exposure.
On May 21, the district confirmed that all of their systems were ‘fully operational.’
“OKCPS is pleased to report that our network and technology systems are fully operational following a ransomware attack. Our IT department’s swift action to take the network down last week prevented the issue from spreading, and we are deeply grateful to them, our security teams, principals, and our experts for their exceptional efforts over the weekend to ensure the district was fully operational when we welcomed students back to school this morning. Our third-party forensic experts have confirmed that to this point we do not have evidence that any personal identifiable information for students or staff has been compromised. However, because the law enforcement investigation is ongoing, we cannot comment on any further details at this time. Many thanks to our families, staff and the community for your flexibility and patience as we worked to resolve this issue.”
Weber says there are ways the public can better protect themselves from malware, such as avoiding certain websites and emails from addresses you don’t recognize.
“If it looks like it’s from a friend or family or coworker, then verify. ‘Hey, did you send this me?’ Check with coworkers. ‘Hey, what is this? Is everyone having to check with IT about resetting your password?'” he explained. “Don’t go to a website if it’s popping up with all these pop-ups, get out of that website.”