MOSES LAKE - The Moses Lake School District continues to recover from a July ransomware attack.
School district Superintendent Dr. Josh Meek said the July 22 attack, which originated from an IP address in Moscow, Russia, encrypted the district’s servers and backups. The malware demanded a ransom be paid to decrypt the system.
District Technology Director Marlon Howell said the district’s anti-malware system failed. The ransomware came from a district employee clicking on an email attachment, causing the virus to spread through the district’s more than 50 servers and workstations.
The district’s network monitoring system notified the district right away about the attack. The Technology Department went to work, unplugging every server from the network to stop the spread of the virus.
Meek said because the district was unwilling to pay the ransom to decrypt the system, every server and backup had to be restored from months-old backup servers. Anti-malware software was used to scan every computer in the district and Howell said IP addresses from foreign countries were blocked.
“From there, we were then forced to start rebuilding everything, which included basically a shutdown of all network services until it could be isolated and removed,” Meek said. “While network services have been restored, there’s a lot of lingering effects of things that are still getting plugged back in. Our tech department has been working very hard to work through this. It’s a busy time of year anyway getting ready for school so this hasn’t helped. It still has the potential to be a bumpy start.”
Meek said the district does not anticipate there was any sort of data breach, and the district’s most confidential information such as financial and student management systems, are not housed locally on the district’s servers. Such confidential information is stored through district’s ESD servers, providing a more robust and higher level of protection.
The district is working to implement new anti-malware systems to prevent any future attack, Howell said, adding the tech department is still finding the virus in district computers. The district also plans to implement better online safety training for employees.