Lexington District One’s computers infected by a malware last week but no data was lost
Lexington, SC (Paul Kirby) – Some of Lexington County School District One’s computer systems were infected by a malware virus earlier this month that that was detected by their security system before it could do any real harm. Some of their systems were taken down by their IT personnel for a period of time and extra layers of security were added to help maintain the integrity and security of the personal data stored within their information systems.
According to the district’s Chief Communications Officer, Mary Beth Hill, the computer security systems detected the malicious software on Thursday, January 5, causing the information technology specialist to take the systems off line. Hill said that once the suspicious activity was detected, and after further investigation showed that a malware virus was blocking but not retrieving data, they took the steps necessary to protect the computer systems. She said that they were only brought back online after the additional layers of security were installed.
District One, like many others across the nation, use a number of systems that stores information critical to managing the massive school district. They have data and records that pertain to the tens of thousands of student, faculty, and staff of the district. Some district employees and its leaders were notified of the compromise. The ones we spoke to said that the district told them that there was no cause for alarm and stressed that NO personnel information stored within the infected programs was in any way lost.
Several key programs that are used are called PowerSchool and the Meals Plus programs. Both of these store huge amounts of information that help the district in its day-to-day operations.
According to several websites that describe the functions of the PowerSchool software, PowerSchool is a school electronic student management system where student information is collected and stored. It gives parents, staff, and students access to real-time information that may include attendance, grades, lunch balances, detailed assignment descriptions, and school bulletins. It helps students stay on top of assignments, parents are able to participate in their children's progress, and teachers can share information with parents and students.
Meals Plus is a Power School partner program. It is used in the school cafeterias to help manage many different types of information. According to its website, Meals Plus helps by acting as a point of sale software that runs the registers in the cafeterias. It also manages information on free and reduced price lunches, inventory management, menu planning, nutrient analysis, accountability, financial and statistical information, and the food service employee’s time clock.
District One is certainly not the only agency that experiences these types of problems. Other large agency computer systems are sometimes infected with viruses, according to a computer expert we consulted.
Employees of the district are repeatedly warned not to open attachments to e-mails from sources they aren’t familiar with, but they sometimes do, our source said. He also said that information can be compromised by viruses that sneak into a system in other ways.
A computer systems expert we consulted said that viruses are introduced for several reasons. First, there are hackers that introduce viruses to see if they can disrupt large, important systems. They often see it as a game or a challenge, even though it is illegal.
Next, viruses can be used to locate and exploit a system’s weaknesses. These viruses can steal user information including passwords that would allow the person or group that designed or sent the virus to steal information such as dates or births, social security numbers, and credit card data.
Most large systems have elaborate and expensive virus scanning programs that can block many outside attacks. As the security systems learn of new viruses and develop ways to stop them, hackers and malicious programmers develop new virus programs that try to skirt and challenge the security. The expert we contacted said, “It’s an elaborate game with very high stakes that could be disastrous if a system that stores private, personal information is breached. Once a virus gets into a system, it can provide passwords and access information to the attacker that will allow them to steal data that is contained within those programs.”
These types of attacks have been in the forefront of the news recently after it was alleged that the Russian government used viruses to hack the computers of the DNC and now the RNC during the last general election cycle. President elect Donald Trump recently said that he doesn’t support the widespread use of e-mails and computer systems for handling our country’s most sensitive information.
In a recent story released by CNN and other national news agencies, the 70-year-old incoming President said, "I think the computers have complicated lives very greatly. The whole, you know, age of computer has made it where nobody knows exactly what's going on. We have speed and we have a lot of other things, but I'm not sure you have the kind of security you need.”
In a statement released by the district to The Ledger on Tuesday, Hill said that Lexington County School District One takes the security of its data and information systems very seriously and has multiple layers of firewalls, appliances, software, monitoring, strong business partnerships and excellent employee talent in place to prevent the loss of data or damage to their systems. Regarding the district’s philosophy on data security Hill said, “The district’s security systems worked as they should have, and no student or employee data was ever compromised or exposed. Had it been, the district would have immediately notified parents and employees.”