SAN ANTONIO — UPDATE: Judson ISD publicly confirmed a ransomware attack on its system. The district says they are establishing a call center to answer questions regarding the attack Monday, June 28.
---
An alert issued to Judson ISD staff Thursday, June 17, stated all network, computer applications, servers, communication and e-mail systems were affected by a ransomware attack hitting the district. Officials said they didn't know when the system will be fully restored.
KENS 5 obtained the alert that was distributed, which states, in full:
“Judson ISD technology systems were hit with Ransomware last night. All network, computer applications, servers, communication, and email systems were affected. We do not have an estimated time for recovery. Until a full estimation is complete, the district will be unable to connect to any data or technology system.
"Please do not attempt to connect to any district system to prevent further damage. An update will be provided as soon as additional information is available.”
According to the FBI, schools are the most popular target for hackers. Cyber attacks and ransomware on schools nationwide hit record highs in 2020. A former FBI agent and cybersecurity expert who helps U.S. businesses secure their systems explained how easy it is for criminals to attack systems.
“A lot of times it's just taking advantage of the vulnerabilities that are out there. They will have tools that scan across the entire internet and start looking at security vulnerabilities in the ways that they can take advantage of those and install the ransomware,” explained Jonathan Trimble, founder of Bawn.
Judson ISD did not say in the note how much hackers want from them.
“When I was with the FBI, we discouraged organizations from paying a ransom. We felt that it encouraged that type of criminal activity and rewarded that,” Trimble added.
Officials posted on Facebook and Twitter Thursday that the district's technology systems were unavailable and the summer school Credit Recovery program which uses Edgenuity for high school students was canceled.
Friday evening, Judson ISD released an official statement, calling the attack "suspected but unconfirmed." Read the full statement below:
"It has been determined that Judson ISD’s information technology systems have been compromised as the result of a suspected but unconfirmed ransomware attack. We immediately notified federal, state and local law enforcement. We have also engaged independent forensic investigators and third-party experts who are working around the clock, in cooperation with law enforcement, to determine the nature and extent of this attack. It is unclear at this time what information might have been accessed. There is nothing more important to Judson ISD than the safety, security and wellbeing of our employees, students and their families. This includes the protection of your personal data stored within the district’s information technology systems, and we are committed to a successful resolution. We will be sharing updates on our website, social media and the district mass communication system as we are able to do so."
"