An Ontario public school board continues trying to recover from what it calls a cyber incident.
The Durham District School Board, which serves 75,000 students and approximately 14,000 staff across the Region of Durham east of Toronto, said in a website statement Monday afternoon that it is still working with external consultants to help determine the scope and extent of the attack.
The biggest city in Durham is Oshawa, with a population, including suburbs, of about 406,000.
In-school classes were open Monday and will be open again on Tuesday. However, online classes through the DDSB@Home service are still unavailable. Nor will a previously scheduled literacy test be held.
Telephone and email service are still offline. If a parent needs to get in touch with a child
at school, they have to go to the school site. Restoration of phones at schools is a priority. Schools will use cell phones to contact parents in the event there is an emergency and if emergency contact information has been provided to the school.
The Monday statement says also said the board is working to ensure payroll is not interrupted for staff.
UPDATE: On Tuesday the board said phones are starting to come back online but may not be working at every location. Progress is being made on restoring IT systems. For DDSB@Home, please check for an update at 11 a.m. on Wednesday, November 30th if classes will be taking place in the afternoon.
UPDATE: On Wednesday the board said DDSB@Home elementary and secondary were able to hold virtual classes as normal. Students could start loggin into their Google Classrooms at the start of the school day on Thursday, December 1. There may be a very small number of classes that cannot take place but independent work would be posted in those classrooms for students to complete.
While students’ Chromebooks were now able to be used at home, IT can’t provide any support to repair or troubleshoot Chromebook issues.
The incident was discovered November 25th. Since then, the IT services team has been focusing on restoring critical systems to support school and business operations.
The board was asked in an email by ITWorldCanada to explain the cause of the incident, but it referred to the online statement, which doesn’t explain what is behind the attack or whether digital data was stolen.
In an online FAQ, the school board said that after the incident was discovered, the IT network was shut down. In a section that asked if data was compromised, the text of the FAQ answered, “We are continuing to investigate and are working to understand the full impact of this incident. We ask for your patience as this investigation is complex and will take time to complete. We are committed to sharing more information on this topic, including if there are any privacy impacts.”
The one student safety protocol not in place yet is the safe arrival program. Attendance will continue to be manually taken and parents/guardians will not be notified should their child be absent.
The attack comes weeks after the public release of the report of a provincial expert panel on cybersecurity in Ontario’s broader public sector (BPS), which includes school boards.
A key recommendation is the creation by the province of a single body to oversee cybersecurity across the entire broader public service, dispensing advice and demanding accountability. It would augment current governance structures responsible for sector-specific cyber security risks.
Another recommendation is that the province investigate establishing a self-funded cyber insurance program to support the delivery of services such as breach coaching, incident response, and recovery for BPS organizations.
Ontario Service Delivery Minister Kaleed Rasheed said his department has accepted recommendations in the expert committee’s final report. However, no timeline for implementing the recommendations was given. “Work is underway to assess and implement measures that will improve and strengthen the province’s cyber security ecosystem,” the government said in a statement.