FBI ends GCSD cyber attack investigation

Tuesday, September 14, 2021 - 17:17

— Photo from CISA’s Top Tips for Virtual Learning

GUILDERLAND — The investigation into an April 22 cyber attack at the Guilderland schools is wrapping up.

“No information was used for identity theft or fraud,” Superintendent Marie Wiles told The Enterprise on Monday.

The spring-semester attack, which canceled in-person classes for several days, was investigated by the FBI.

A “threat actor group” used malware to encrypt certain school-district systems, Wiles had told The Enterprise earlier.

On Monday, she said, “We are in the process of notifying individuals who may have had information seen by people who shouldn’t have seen it.”

Altogether, 367 letters were sent out to former students and former employees, she said.

The district worked with specialists through its insurance carrier to cull through the data and research mailing addresses, Wiles said.

Although the district is required to send out the notices, Wiles said of the pilfered information, “None of it was used to any bad effect.”

Asked if there were any suspects in the case, Wiles said, “I don’t know that we’ll ever be able to reveal that.”

To do so, she said, could hurt the FBI’s efforts “to stop the bad guys.”

“The ongoing fight is nationwide and worldwide,” she said.

Since the onset of COVID-19 and the increase in remote learning in schools, “malicious activity with ransomware attacks against K-12 educational institutions” has risen sharply, according to the Cybersecurity and Infrastructure Security Agency, an independent federal agency under the oversight of the Department of Homeland Security.

“Malicious cyber actors are targeting school computer systems, slowing access, and rendering the systems inaccessible to basic functions, including remote learning,” says a fact sheet that CISA developed with the FBI for schools. “In some instances, ransomware actors stole and threatened to leak confidential student data unless institutions paid a ransom.”

Asked if Guilderland had been told to pay a ransom and, if so, for how much, Wiles responded, “We have been working in tandem with the FBI on this matter. As part of our commitment to assist in those efforts, we are not commenting on or disclosing additional information about the threat actor or any interactions with them.”

Wiles also said of Guilderland, “Since the investigation, we have beefed up our security system to screen activity in our network.”

The district continues to train its employees, when using computers, “not to click on things that look suspicious,” she said. Students are being trained as well.

“We are ever more vigilant in investing in the tools we need to stay safe and secure ...,” said Wiles.  “We need to stay one step ahead of the bad actors who are constantly upping their game,” she said, likening it to an arms race.

More Guilderland News

  • Two write-in candidates together got more votes than re-elected mayor

    On March 18, Mayor Kerry Dineen, trustees John Scally and Sandra Serafino, and Justice James Greene each received new four-year terms, but most saw unforeseen opposition. 

  • The greening of Guilderland

    Supervisor Peter Barber went through a long list of events happening in town near Earth Day, which is on Tuesday, April 22, this year.

  • Pyramid turns down IDA tax break for Costco

    The withdrawal came as a surprise to both IDA board members and staffers as attorneys for the agency were negotiating with Pyramid over the subsidy right up until the day before IDA Chief Executive Officer Donald Csaposs received the March 20 letter informing him that Pyramid would forgo the multi-million dollar exemption.

The Altamont Enterprise is focused on hyper-local, high-quality journalism. We produce free election guides, curate readers' opinion pieces, and engage with important local issues. Subscriptions open full access to our work and make it possible.