The Rockford Public School Disttrict in Michigan has successfully restored its systems after a ransomware attack caused significant disruption earlier this week, forcing the shutdown of its computer, email, and phone systems. Despite acting swiftly to contain the Rockford Public Schools ransomware attack as an attempt to ensure the safety of its students and staff, the measures also forced the school district to resort to traditional pen and paper-based offline methods for schooling. A day after the incident, the district superintendent confirmed the isolation of the attack and the restoration of systems, indicating that students and staff could operate as normal. Established in 1884, Rockford Public Schools is a prominent educational institution in Rockford, Illinois. With 45 schools catering to around 27,766 students, it spans across portions of Kent County and serves parts of Plainfield, Algoma, Courtland, Cannon, Grattan, and Oakfield Townships. The district's consolidation in the late 1950s brought together several neighborhood school systems, and it expanded into 45 schools serving approximately 27,766 students.

Systems Restored After Rockford Public Schools Ransomware Attack

On the morning of the incident, district leaders were alerted to computer system failures within the school district disrupting its phones and internet services. While it was initially suspected to be a vendor issue, it soon became clear that the district was struck by a ransomware attack after ransom notes were discovered on various printers. Superintendent Steve Matthews promptly ordered the shutdown of all network connections, including Wi-Fi, to contain the threat. He anticipated that it would take at least a couple of days for the district to return to normal operations. The official website of the school district displayed emergency phone numbers for various buildings within the school district during the time of the attack. [caption id="attachment_68941" align="alignnone" width="1768"] Source: rockfordschools.org[/caption] Despite the attack, there was no immediate threat to student safety. Classes continued as usual, albeit with a return to traditional, technology-free teaching methods. Superintendent Matthews reassured that security systems for school doors remained functional, and emergency cell phones were made available for parental contact. The FBI was also involved in the investigation, working alongside district staff to assess the extent of the breach.  Superintendent Matthews acknowledged the initial challenge but noted that staff were quickly adjusting to the incident. Students reported a unique experience of engaging in learning without digital tools, while some found the situation disconcerting. Parents were informed about the situation through emergency communication channels. While some parents chose to pick up their children early, the overall response was one of cautious adaptation. Following the preventative measures, the public school district restored its computer systems 24 hours later, with the district superintendent stating that the incident had been isolated and contained. The school issued a letter to parents, indicating that says students and staff could resume using district-provided school equipment or their own personal devices.

Expert Indicates Educational Institutes as Common Ransomware Target

Cybersecurity expert Greg Gogolin from Ferris State University noted in response to the incident, that school districts are common targets for ransomware attacks due to inadequate preventive measures and limited cybersecurity staff. Gogolin highlighted that the end of the school year is a particularly vulnerable time for such attacks, as the urgency to resolve the situation increases with grades due and other academic deadlines approaching. Affluent districts are particularly targeted due to attackers perceiving them as having more resources available. To mitigate such risks, Gogolin advises districts to invest in advanced email filtering while educating staff about phishing emails. Additionally, teachers and students should maintain backups of essential data, such as grades and assignments, outside of school networks. The return to the traditional schooling method following the Rockford Public Schools ransomware attack is reminiscent to an earlier incident affecting Cannes Hospital, which forced its staff to resort to pen-and-paper techniques to keep services running. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.