Rochester schools end week without internet; questions linger about cyber attack
When the COVID pandemic hit in March of 2020, elementary school teacher Kim Hill really learned the meaning of the word “pivot” as she and her students moved classes online.
Fast forward three years, and Hill, who fell in love with online instruction during the pandemic, now teaches a virtual 5th grade class as part of Rochester Public Schools’ online school.
So when the district announced this week that its technology systems had been accessed by outside actors forcing it to disconnect from the internet, Hill took it in stride.
“Anyone who's ever been a teacher knows that pretty much every day is an unexpected challenge, and this was just a different form of that,” she said.
Create a More Connected Minnesota
MPR News is your trusted resource for the news you need. With your support, MPR News brings accessible, courageous journalism and authentic conversation to everyone - free of paywalls and barriers. Your gift makes a difference.
Hill deployed workarounds.
“We are sending out asynchronous plans, which means I'm not physically in a [virtual classroom] with all of them teaching at the same time, but they're getting the assignments and then the students work on those in their homes,” she said.
She’s been talking to students on the phone, or through virtual meetings on her personal computer.
Like the rest of her colleagues, Hill has no idea how much longer she’ll have to teach like this, and district representatives have remained tight-lipped about the situation since it announced the breach the first week of April. Superintendent Kent Pekel declined an interview with MPR News to discuss the matter.
Students, staff and teachers have lingering questions about the scope and scale of the attack. The district says it will be in touch with those affected soon and that it currently has no evidence that any data is being used for financial fraud or identity theft.
Disruptive but manageable
Meanwhile, high school economics teacher Sue Bender said many of her lessons require little technology to begin with. She said her students enjoyed being online less during the day.
And she took advantage of this week’s unseasonably warm weather.
“Like today, for instance, my lesson was [to practice] drawing shifts of supply and demand curves,” she said. “But I thought, ‘You know, gosh darn it, it's such a gorgeous day. Let's do sidewalk chalk shifts.’ So we went outside and did the shifts anyway.”
But this week’s record highs came with a downside: 17 district buildings are on a system that due to the cyber attack cannot be adjusted, and that meant no air conditioning.
Minnesota Comprehensive Assessments slated to be administered this week were postponed, and the ACT college entrance exam scheduled for this weekend is canceled.
Part of a trend?
The situation in Rochester echoes an attack on Minneapolis Public Schools in February, which resulted in a portion of hacked data being posted online by the ransomware group Medusa.
It’s not clear if the Rochester situation is part of a ransomware plot, but those types of attacks have been increasing in the nation’s schools, said Doug Levin, director of the K-12 Security Information Exchange. The national nonprofit organization focuses on protecting schools and state education agencies from emerging cybersecurity threats.
“When a school district is a victim of a ransomware incident, they've had to shut down for one or more days, as they go through their recovery process,” he said.
Levin said school districts are easy victims for cyber attacks because they often manage large amounts of money, collect troves of personal information about staff and students and have weak cybersecurity systems.
And he said cyber attackers often lie in wait until a time when they know there are fewer eyes watching the system — for instance, during Spring Break and right before the Easter holiday, as Rochester experienced.
Even though there are few details about the breach, Levin said parents and staff should be proactive by changing passwords, and freezing their family’s credit to prevent identity theft.