As cyberattacks continue to burden businesses, schools and medical facilities nationwide, the Hempfield Area School Board is taking proactive steps to protect district technology.
Directors unanimously agreed to hire Digital Forensic Solutions to conduct an audit and vulnerability assessment of the district’s technology infrastructure at a cost not to exceed $15,250.
“We felt it would be important to audit us and give us some guidance as to if we’re doing things enough or not enough, or if there are other hacks or things we can do to mitigate (the possibility of) that happening to us,” board member Jeanne Smith said.
The company will look at the district’s technology infrastructure and recommend any necessary changes to make it more secure, Smith said. District officials previously added safety measures such as two-step verification to help secure the network.
Hempfield’s vote came days after Butler County Community College closed in response to a ransomware attack on its computer systems. The school closed for two days, giving officials time to restore databases, servers, hard drives and other devices. A regional cybersecurity firm worked to restore information lost in the breach.
Area school districts have been disrupted by cyberattacks over the years.
A former Franklin Regional student in 2016 was charged after police say she launched a series of cyberattacks against more than a dozen local school districts, the Catholic Diocese of Greensburg and Westmoreland County government. In 2020, she was sentenced to serve two years’ probation and two months of house arrest.
Kiski Area School District in 2017 was the victim of an attack that resulted in administrators purchasing additional protection software for almost $29,000.
This year, companies were a major target for cyberattacks. In May, an attack forced the shutdown of a pipeline carrying gasoline and other fuel from Texas to the Northeast.
JBS, the world’s largest meat supplier, in June said its systems were coming back online after a cyberattack shut down U.S. and Australian operations.
Several other companies also were subject to cyberattacks this year, including Brenntag, a chemical distribution company; computer manufacturers Acer and Quanta; the NBA’s Houston Rockets; European insurance company AXA; insurance company CNA; and Kaseya, a company managing IT infrastructure.
Between January and July 31, the FBI received 2,084 ransomware complaints resulting in more than $16.8 million in losses, an August report from the U.S. Cybersecurity and Infrastructure Security Agency found. That’s a 20% increase in reported losses compared with the same period in 2020.
“We certainly don’t want to have our students’ or our parents’ information stolen and held hostage and cost the district money,” Smith said.
Hempfield’s audit will begin when students leave for Christmas break, Superintendent Tammy Wolicki said.
“We’re taking every possible measure to protect our technology,” she said.
