RPS 205 releases new details on September ransomware attack

By  | 

ROCKFORD, Ill. (WIFR) -- Rockford Public Schools shared new details about a ransomware attack that caused districtwide electronic and digital systems outage in September.

According the RPS District 205 website blog, officials received a flood of texts around 10 p.m. on Sept. 5, alerting that servers and systems were disconnected.

On that night, nearly 50 or 60 of the district's 300 servers went down in rapid succession.

RPS 205 says the network was attacked by 199 variants of a virus. The district's antivirus company had never seen that many consecutive variations attack at once.

Jason Barthel, the district's executive director of technology, disconnected the network from the Internet around midnight to stop the ransomware attack.

“We knew immediately it was ransomware. In every place a file was encrypted, a ransom note was dropped in. We had millions of encrypted files — and the threat actors started encrypting our backups,” Barthel wrote on the district's website blog.

The attack compromised WIFI, PA systems, grading systems and student databases and operation systems.

Barthel says RPS is still dealing with the aftermath of the attack, but couldn't offer many more specific details with the ransomware attack under investigation.

The district has removed every single device from its network in an effort to rebuild 5,000 computers, 300 servers, and 1,200 wireless access points.

RPS 205 has released a podcast explaining more effects of the outage in detail.