District Took Steps To Prepare For Cyber Threats, Restored Data Without Paying Ransom
SUNAPEE, NH – U.S. Senator Maggie Hassan, who has led efforts to strengthen state and local cybersecurity as a member of the Senate Homeland Security Committee, met Friday with officials at Sunapee Middle/High School following a ransomware attack that hit the district earlier this year. Each week, the district’s IT administrators take backup data offline, and they were able to get the school back online and restore data – without paying the ransom.
Senator Hassan thanked the district administrators for “being such a good example,” saying it’s “really good for people to hear and understand” what the district did to mitigate the impact of the attack. She pledged to take the information shared back to her colleagues in the Senate and officials at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency in an effort to help share best practices and assist state and local entities in addressing these threats.
Senator Hassan, a member of the Senate Homeland Security Committee and the bipartisan Senate Cybersecurity Caucus, recently joined in introducing a bipartisan bill that would update and improve federal agencies’ cybersecurity and make additional cybersecurity resources available that could help protect school districts like Sunapee, as well as state and local governments. In addition, the Senate passed bipartisan legislation led by Senator Hassan and Senator Rob Portman (R-OH), the Department of Homeland Security (DHS) Cyber Hunt and Incident Response Teams Act, to help prevent cyberattacks at all levels of government and the private sector. Senator Hassan has also highlighted the cyberattack on Strafford County, New Hampshire in her advocacy to Administration officials to strengthen cybersecurity across all levels of government.
Read more from WCAX about Friday’s event here and below:
How a New Hampshire School Foiled Hackers
SUNAPEE, N.H. (WCAX) – Sen. Maggie Hassan toured a New Hampshire school district on Friday that was the target of a cyberattack. It's an issue she talks about a lot on Capitol Hill. Our Adam Sullivan takes a look at the lessons learned from the Sunapee cyberattack.
On Oct. 13 of this year, the Sunapee New Hampshire School District came under attack. Not a physical threat, but rather online. Ransomware had infiltrated the district.
"We don't care about you or your deals, this is just a business for us." That was the message Sunapee School District Technology Director Mike Montore received as the data streaming through the Sunapee district's servers suddenly went dark. Malicious software, known as ransomware, encrypted all the files. The only way to get them back was to pay the ransom.
Thankfully, the district was prepared and didn't have to pay the thieves a penny.
"We had made a plan to make sure that we at least took a copy of our full backups off-network weekly," Montore said.
Within a day, teachers and students once again had access to their data in the cloud. A little more than a week later, things had returned to normal. A new normal, if you will, where the threat of a cyberattack lurks around every corner.
"It is critically important that we are constantly vigilant in our cyberspace to keep ourselves safe," said Sen. Maggie Hassan, D-New Hampshire.
Friday, Hassan toured Sunapee middle and high schools. Hassan is on the Homeland Security Committee and says cyberattacks like this are a growing threat. "As we develop expertise at the federal level, we also need to share that expertise in real-time with state and local partners but also develop best practices and share those, too," Hassan said.