Peel public board combats fallout from malware attack
Teachers, parents in dark as key online resources remain inaccessible
The Peel District School Board is still unable to say when several of its key online resources will be back on track after they were hit by a malware attack that continues to paralyze a string of databases.
Last week, the board told staff in an email, the malware “resulted in the encryption of certain PDSB files and systems,” and after it was discovered, the board “took immediate steps to isolate the incident.”
The risk posed by unknown hackers is creating unease among the unions representing elementary and secondary school teachers, who claim they have been kept in the dark, and received just the most sparing details about the type and scope of attack, more than a week since the board first admitted it was facing a “cyber security incident.”
Speaking to the Star on Thursday,
board spokesperson Tiffany Gooch said a cybersecurity firm hired by the board has made significant progress in both the investigation and recovery efforts, but couldn’t say exactly when the systems would be back to normal.
“We hope to be able to provide a resolution timeline in the next few days,” said Gooch. “We can confirm that the incident involved encryption malware.”
Gooch wouldn’t say if the hackers have attempted to extort the board by seeking payment to unlock the seized data portals, but she did say there is “no evidence that any personally identifiable or otherwise sensitive data was compromised because of the attack.”
Gooch was unable to say how the incident occurred and who might be responsible. These are things she hopes the probe will reveal.
Of equal concern to the union is that the board faces this logistic hurdle in the days leading up to students’ anticipated return to the classroom for in-person learning the week of Feb. 16.
Representatives from both unions say the board has provided links for back-channel access, so some tasks can be completed.
The board remains partially locked out of the intranet used by staff because some functions cannot be accessed.
Gooch said the malware has not affected virtual classrooms, but it did wipe out the website and, with it, applications accessed by families.
As a result, the board extended deadlines for Grade 1 French immersion applications, Grade 7 extended French applications and elementary regional learning choices programs applications. It has also temporarily delayed acceptance offers for secondary regional learning choices programs.
“Report cards for secondary students will be delivered on time; however, report cards for elementary students will be delayed by several days,” Gooch said.
Ryan Harper, acting-president, of the Peel branch of the Ontario Secondary School Teachers’ Federation, says the board has been very “quiet about this,” and whether hackers are threatening to publish the victim’s data or block access to it.
“Our teachers are not reassured,” said Harper, adding that some teachers have received Google notifications that their passwords have been compromised.
Students are also expected to verify that they don’t have symptoms of COVID-19, via the website, before in-person classes.
“That’s going to be really hard to do with the website being down,” said Harper.
He said the attack will affect teachers’ ability to provide the wealth of feedback on student performance that they would under normal circumstances.
Gail Bannister-Clarke, president of the Peel elementary teacher’s local, says there has been frustration and confusion among staff and parents alike.
“The board didn’t send out any messaging to say this is what we’re experiencing,” Bannister-Clarke said. “There was a lack of communication.”
Gooch conceded the malware has affected communication channels and the “board apologizes and continues to thank the community for their ongoing patience.”
Brett Callow, a threat analyst with cybersecurity firm, Emsisoft, said the Peel attack has the hallmarks of ransomware, where cyber criminals intend on gaining something, often money, from encrypting the board’s files.
All computerized systems can be targeted, as seen in the board case, he says.
“They very often steal a copy of the data, too, and, if the victim doesn’t pay, they start posting that data on the web,” Callow said. “It is, effectively, double extortion.”
“We can confirm that the incident involved encryption malware.” TIFFANY GOOCH
PDSB SPOKESPERSON
With files from The Canadian Press
Jason Miller is a Toronto-based reporter for the Star covering crime and justice in the Peel Region. His reporting is funded by the Canadian government through its Local Journalism Initiative.