JAN. 7– The Hardin County School System’s library computer network has been hacked and is being held for ransom, according to school officials.
An unknown organization or individual has infiltrated the network serving all seven libraries and inserted a “ransomware” program. The malicious software is designed to block access to a computer system until the demanded money is paid.
“We’ve heard about this kind of thing happening elsewhere,” said Hardin County Director of Schools Michael Davis, “but who would have ever thought it would happen here? This is the craziest thing I think I’ve ever seen.”
The hackers locked the library server system and encrypted all the files. They say they will send a code to undo the hack when paid.
The library server system tracks every book in every library in the school’s system. Without it, the libraries have no way other than old-fashioned paper and pencil to check books out to students or keep track of what books are out.
There is also no access to any kind of card catalog. Students can’t research where a needed book is in the library to help them find it on the shelves, for research projects or in-library reading.
“Our libraries aren’t completely shut down, but they surely aren’t going to be running full-throttle until we get this fixed,” said Levin Edwards, Hardin County Schools’ technology director.
Edwards said he discovered the hack when he visited the server which is kept at Hardin County High School on Monday to test it for normal operation before classes resumed after winter break on Tuesday.
Edwards said he couldn’t log on, so he went to the school system headquarters on Guinn Street to see if he could log on from there, but was unsuccessful.
From there he phoned the librarian at Northside Elementary, who said she was also having problems logging on. While still attempting to log on, the ransom note popped up.
“That’s when I knew we had a serious issue,” Edwards said.
The ransom note demanded 1.5 bitcoin, an untrackable form of digital currency used internationally for online and in-person payments, to decrypt the school system’s files, but only if the payment were made that day. It said that the next day the ransom would rise to 2 bitcoin.
On international currency exchanges, bitcoin was trading at just under $894 in U.S. currency on Friday at 4:30 p.m., so the hackers were initially demanding a ransom of about $1,341. If school officials didn’t pay immediately, the ransom would go up the next day to $1,788. The note did not make clear whether the ransom would increase every day by a half bitcoin.
“We’re not paying it,” Davis said Friday. “We’ve learned from industry experts that most of the time if you do pay the ransom, you still might not get your system unlocked, and for those that have had their systems unlocked, hackers would just lock those systems up again a month or two later, starting the whole thing all over again.”
Edwards said he and his assistant are attempting to regain access to the school system’s server and files.
“If we can’t, we’re going to have to rebuild the system from scratch. We won’t have to go back and re-scan every single book in the system because we have some listed on other files, so we won’t have to start from zero – but we won’t be starting far from zero either,” he said.
In a complication, Edwards said school IT workers were backing up the library server files to an external hard drive when the attack occurred. This resulted in the back-up also being corrupted.
Regarding thwarting potential future hacking attempts, Edwards said, “We’ve had several conversations about really looking into where any and all of our vulnerabilities are at. This really makes you reevaluate computer security – it’s been an eye-opener.”