
SoylentNews is people

posted by hubie on Wednesday September 18, @02:03AM
from the duck-and-cover dept.

Arthur T Knackerbracket has processed the following story:

Cybercriminals closed some schools in America and Britain this week, preventing kindergarteners in Washington state from attending their first-ever school day and shutting down all internet-based systems for Biggin Hill-area students in England for the next three weeks.

On Sunday, Highline Public Schools, a Seattle-area school district that serves more than 17,000 students from pre-K through high school, alerted its parents and students that all schools, along with activities, athletics and meetings planned for Monday, had been canceled.

"We have detected unauthorized activity on our technology systems and have taken immediate action to isolate critical systems," according to a notice posted on the district's website. 

Upon finding the digital intruders on the network, the district called in third-party infosec experts, along with US federal and state law enforcement, to help restore the systems, we're told.

[...] No criminal group has claimed responsibility for the Highline breach, though the school closures follow a ransomware infection that snarled traffic at the Seattle-Tacoma International Airport in late August.

[...] Meanwhile, in the UK, Charles Darwin School sent home a letter with all of its students on September 6, telling parents and caregivers that the "IT issues" it had been experiencing were "worse than hoped." In fact, they were due to a ransomware attack.

Charles Darwin has 1,320 secondary and sixth-form students in Bromley, England.

The Biggin Hill school would be closed between September 9 and September 11 as IT admins wiped all of the staff devices and teachers reorganized all of their lessons, according to headteacher Aston Smith. 

Internet, email, and other school systems will be knocked out for an estimated three weeks, he added. 

[...] Black Suit, believed to be an offshoot of the now defunct Conti ransomware gang, has claimed to be behind the Charles Darwin School attack. In a post on the criminals' dark-web blog, they say they stole 200 GB of data, including user, business data, employee, student and financial information. 

[...] "Unfortunately, cyber-attacks like this are happening more frequently despite having the latest security measures in place," he said. "Our understanding of our situation is that it is similar to what was experienced by the NHS, Transport for London, National Rail, other schools and public sector departments."

[...] "There is no honor amongst the ransomware gangs attacking schools in Washington state and the UK," Semperis principal technologist Sean Deuby told The Register, adding that schools are more vulnerable targets because of their smaller IT budgets and fewer defensive resources. "Attacking just before the first day of school for young kindergartners demonstrates their amorality."

While the Seattle-area district hasn't called the incident ransomware, "reading between the lines on these attacks leads me to believe that the schools were hit by ransomware," Deuby opined.

[...] "Most schools today use Office 365 but still depend upon their on-premises identity system, Active Directory, for its users," Deuby said, adding that this makes exploiting Microsoft AD vulnerabilities more enticing to criminals. 

While there's "no silver bullet" to solve schools' security challenges, he suggests working with their IT providers to identify critical services "such as AD that are single points of failure." 

"If critical services go down, school stops, and the school buses don't roll," Deuby noted. "Have a plan for what to do. This doesn't have to be perfect but think now about what to do if email goes away or a teacher portal is locked."



This discussion was created by hubie (1068) for logged-in users only, but now has been archived. No new comments can be posted.
  • (Score: 3, Funny) by Rosco P. Coltrane on Wednesday September 18, @02:13AM

    by Rosco P. Coltrane (4757) on Wednesday September 18, @02:13AM (#1373138)

    Charles Darwin has 1,320 secondary and sixth-form students in Bromley, England.

    This guy is super-sketchy.

  • (Score: 3, Informative) by JoeMerchant on Wednesday September 18, @02:53AM (3 children)

    by JoeMerchant (3937) on Wednesday September 18, @02:53AM (#1373143)
    • (Score: 2) by canopic jug on Wednesday September 18, @07:19AM (2 children)

      by canopic jug (3949) Subscriber Badge on Wednesday September 18, @07:19AM (#1373164) Journal

      Dude, the kind of incidents described in the main article are happening around the world dozens of times a day with little to no coverage. Although you can find mention if you cast a wide enough net, there is basically no coverage of the overall situation let alone the cause. The title of the OP is misleading as hell since the cause was not cyber crooks which shut down those particular schools in the UK and US. We all know the reason — wait for it — it's a big surprise — it was the deployment of Microsoft products in networked, production environments which set this all off. The people needing to be whisked off the street and into a jail cell are the ones which requested and signed off on rolling out Microsoft products at those schools.

      The usual counter argument is to bleat that schools "need to" teach what students "need to" learn for work life. Well, if that had ever been true then we'd all still be using CP/M since, aside from AppleDOS, that was basically universal on the desktop when this all started. Teaching a single system is not education, it is training. Also, realize that the kids in question still have from 1 to 12 years left before graduating. Because a high school diploma on its own is useless, that and $7 USD will get you a cup of coffee, the students will have an additional period of learning/training on top of high school lasting from between 1 and 10 years depending on career. So overall what the students "need to" learn will have had between 2 and 22 years to have changed even more. Think how much ICT has changed even in just the last two years even with m$ holding back advancement so hard.

      --
      Money is not free speech. Elections should not be auctions.
      • (Score: 5, Interesting) by ledow on Wednesday September 18, @07:58AM

        by ledow (5567) on Wednesday September 18, @07:58AM (#1373166) Homepage

        I did a survey of primary (and prep - independent primary) schools in the UK once.

        1/3rd were primarily Google (because Workspace for Education is free).
        1/3rd were primarily Microsoft.
        1/3rd were equally both.

        And what you teach the kids has ZERO bearing on any critical systems or data. You still need an authentication server, RADIUS, SAML integration into Google, Azure, and a hundred other services.

        Most things are 3rd-party web-services now, and that includes back-office stuff - payroll, the school MIS (pupil data, school reports, attendance and the like), HR, etc.

        The back-office system, yes, almost universally Microsoft in all the above schools. Not because of the students. Because of interoperability, cheap licensing, compatibility and the demands of the software they need to use. It's the old argument - you use Outlook because you know Outlook, you use Word because people send you Word files, you use AD because people expect you to be using AD to integrate with other services (e.g. Google login) etc. etc. etc.

        It has zero to do with what you're teaching the kids. And yes, I'm an IT manager in schools of 25+ years, and have worked in Google-only schools (literally, backend too!), Microsoft-only schools and everything in-between, and even (much to my own reluctance) backed out a few failed Linux installs because absolutely nobody commercial understands how Linux should be deployed (they only ever want to use it as a "cheap" Windows with Wine, etc. running all the usual programs, because absolutely nobody in schools would take to Linux as a core OS for back-office work... I know, I've tried several times).

        The vulnerability comes from things like BYOD (allowing kids to buy their own laptops and then trying to "secure them"), poor security controls (e.g. just slap on an antivirus and a web filter and cross your fingers and hope for the best while still letting staff use USB sticks), poor updating (e.g. Windows Update trashes servers and clients on such a regular basis so hard that people try to delay deploying updates until the holidays) and poor user training (you cannot stop a 0-day exploit, but it would really help if users didn't just click on everything and bypass all the security warnings when doing so - and no, you can't just "turn them off" globally, because then nothing works in Windows and people can't do simple things).

        Sure, MS is a huge factor in almost all ransomware, etc. but it's far from alone in being vulnerable to it.

        But what you deploy on the back-office has nothing to do with what the kids are being taught in school. And people deploy MS on the backend for a reason, even in "Google-only" schools. Good luck getting anything to work on an entirely non-Microsoft site. If the government, banking and all software moved to 3rd-party web services that worked in all browsers (we're heading that way on the latter, my base images are just Office and Windows now)... then MAYBE you could start. But you're still gonna have AD servers, Hyper-V infrastructure, Windows clients for things like legacy access control, CCTV, etc. and yes, they should be VLANned off and protected, but they often aren't done properly - and often aren't the source of compromise in themselves (but are definitely a source of unscheduled downtime!).

        To be fair, even to MS, there's nothing stopping a school being entirely MS cloud and then it's MS's problem. Azure AD, 365, etc. and then just Autopilot-deployed laptops to the staff / kids. That would actually cut out huge areas of vulnerability and be very viable - I'm pretty sure there will be schools close to that already, with no on-prem at all. Probably the big school trusts are like that for centralised control, for example.

        But even a thousand Chromebooks or a thousand Linux machines in the hands of a thousand kids connected to the Internet and expected to SSO onto literally hundreds of websites is going to end up in a compromise some day. Sure, maybe less common. But there's no real difference there.

        A staff member with a Chromebook, email, and clicking on any link they see is just as likely to compromise a machine on Linux as on Windows.

      • (Score: 2) by JoeMerchant on Wednesday September 18, @11:55AM

        by JoeMerchant (3937) on Wednesday September 18, @11:55AM (#1373201)

        As reported by the FBI and Homeland Security - both bastions of clear, informative and not-misleading information at all (wink wink), the Jacksonville issues are a Keystone Cops style series of uninformed statements / excuses finally tracing back to a failed piece of hardware.

        Personally, I think this is what WWIII looks like, and I'm grateful for the lack of mustard gas and tactical nukes being deployed via ICBM (so far).

        In other "IT mishap" news: Mossad totally had nothing to do with this, at all: https://apnews.com/article/lebanon-hezbollah-israel-exploding-pagers-8893a09816410959b6fe94aec124461b [apnews.com]

        --
        🌻🌻🌻 [google.com]
  • (Score: 5, Insightful) by ledow on Wednesday September 18, @07:41AM (16 children)

    by ledow (5567) on Wednesday September 18, @07:41AM (#1373165) Homepage

    Not news.

    Happens about 1-2 a week and has done for years.

    School gets infected, it will take a few days to safely resume operation. Pretty much every school I've worked in has had it at some point in the last 10-15 years, and there's almost nothing a school can reasonably do about it - especially secondaries which will have 1000-1500+ hostile users on their network needing access to quite a lot.

    And AD being a "single point of failure" is laughable, and expecting that Azure / 365 is gonna save your butt when your infrastructure is infected? No. That's not how it works. If anything, you now have a far bigger job of trying to ensure that your cloud services are still clean and not compromised and restoring that to a known good state is a far greater nightmare than just rebuilding servers from backups. It honestly sounds like some terrible anti-on-prem, pro-cloud propaganda.

    To be honest, I'd even be wary of saying that it was even linked and not just a random infection - criminals will lie, so a random group taking credit for something without evidence doesn't mean much.

    And 200Gb of data? Man, I have individual VMs bigger than that that do nothing at all, and the chances of them hosting student info on site? Slim. Almost all school MIS are hosted web services now (because then they can deal with the security / data protection hassle). Financial? Possibly but unlikely to be much of interest. Suppliers and invoices and money spent on projects, that's about it. Everything else is secured with 2FA, card pinpads, banking portal uploads, double-approval, etc. I mean, maybe they saw some payroll info but I doubt it for the same reasons.

    • (Score: 2) by mhajicek on Wednesday September 18, @08:24AM (15 children)

      by mhajicek (51) on Wednesday September 18, @08:24AM (#1373170)

      How are these schools unable to operate without their computers? Have they no fallback procedure to operate as schools did for many decades before?

      --
      The spacelike surfaces of time foliations can have a cusp at the surface of discontinuity. - P. Hajicek
      • (Score: 5, Interesting) by ledow on Wednesday September 18, @09:52AM (11 children)

        by ledow (5567) on Wednesday September 18, @09:52AM (#1373185) Homepage

        Your typical classroom is based on Smartboards and the like. You have no whiteboard.

        Your typical resources are online, whether Sharepoint, OneDrive, or 3rd-party services.

        Your typical MIS is a web service. Without this you cannot register children (a legal requirement), monitor timetabling, or do quite a lot of lookup (e.g. medical info, parent contact info).

        Yes, there are paper backups. Good luck with that. The word "chaos" does not describe it given the amount of staff, pupils, lookups and contacts nowadays. Anti-truancy measures do things like check children are in class and notify parents within minutes if they are not. All that kind of system breaks down quickly without everything being up, and it's extremely common.

        Additionally, most secondary schools are running BYOD and laptop programmes so each pupil has their own individual device. When that doesn't work, all the marking system breaks down. Staff do not (generally) take home huge piles of handwritten paper and exercise books any more. It's all done in OneNote and Google and specialist services. Even homework is sent and handed back and marked via the school online portals.

        I currently have 173 services plugged into my school's Azure, a dozen on Wonde (which syncs from the MIS), and a dozen in the MIS syncing out to other services (which then further sync out, like Wonde does). There are thus probably 200-300 connected services to the central IT systems of a basic school. P.S. this school is a prep - private, primary - and private schools are generally behind the times because they tried to cling to traditional education to appease parents. I worked in higher tech state schools 15 years ago (where if you don't TAG IN to a lesson on the door of the classroom within 5 minutes of a timetabled start, without prior reason, then text messages are automatically sent home and it's recorded in the school MIS along with every phone call made to that parent to chase that child for that incident - they were also used for a whole school "red-card" system to bring senior staff running if a classroom was kicking off).

        It's 2024. Schools and teaching are one of the highest tech areas of business now, you can see IT budgets in the million-pounds-per-year-plus price range for some larger schools.

        Most schools these days would only operate for a day or two on paper at best. Everything from the policies to the lesson plans to the register to the fire list to the canteen is online.

        It's a recommendation for any school these days to have a 10Gbit leased line, often 2 for redundancy, and it's very unusual to find a UK school without a leased line in this decade. They're deploying HyperV failover clusters and Azure VMs all over the place.

        That's not even including banking, payroll, contractor payments, reporting info to government portals, required referrals for child protection issues, etc.

        I'd say that you haven't been able to operate a school entirely offline for any significant amount of time in the UK for about... 15 years? And the creep started long before that. Even things like access control systems, boiler functions, etc. can render a school not legally able to open, no matter the practical aspects they could handle in theory.

        Most classrooms don't even have a whiteboard to write on any more. They are entirely smartboard with laptop-connected, and the kids are all using Chromebooks or laptops.

        Things moved on since you were at school, and they're not even vaguely recognisable any more. Everything is online. Hell, even "on-prem" is considered old hat and schools are quickly eliminating it to move everything to the cloud.

        I can tell you that certain large private schools (e.g. the Girls' Day School Trust) and academy trusts actually have entire floors of central London office buildings for their IT department, managing a dozen schools' IT at a time, reliant almost entirely on connectivity back to their site to manage them all. Just the office space alone must cost multiple millions.

        • (Score: 3, Informative) by canopic jug on Wednesday September 18, @10:28AM (10 children)

          by canopic jug (3949) Subscriber Badge on Wednesday September 18, @10:28AM (#1373187) Journal

          The common thread in that scenario of rolling disasters seems to be the m$ presence, and thus we have the headlines about schools repeatedly hit by ransomware.

          Everything is online. Hell, even "on-prem" is considered old hat and schools are quickly eliminating it to move everything to the cloud.

          Unfortunately about the only two things that outsourcing infrastructure actually accomplishes anywhere is the elimination of "on-prem" competency (and thus full dependency on vendors) and upwardly spiraling operating costs.

          --
          Money is not free speech. Elections should not be auctions.
          • (Score: 2) by VLM on Wednesday September 18, @11:50AM (7 children)

            by VLM (445) on Wednesday September 18, @11:50AM (#1373199)

            and thus full dependency on vendors

            There are some advantages to that.

            The local school district only upgrades things that break; if the firewall is still "working" or the security cameras from a vendor that shut down years ago are still "working" they will not budget to replace/upgrade.

            There will be no upgrades until there is an outage that makes the news.

            At least theoretically "SomethingAsAService" might get upgraded after a vuln announcement or even on a proactive basis whereas the district will only upgrade after a newsworthy outage.

            The problem is it's not "a" firewall that's hopelessly obsolete, it's ... everything. Things like iPads are expensive so everything else in the era of "every kid gets an iPad" are not upgraded. Or if there's a security "incident" and they upgrade the cameras, that money came out of the firewall budget so that's not getting upgraded. Repeat infinitely until pretty much everything needs fixing but it's not down ... yet.

            I live in a 'good' district, this is just how it is. No superintendent or other admin ever got a promotion for upgrading IT infra, that's just how it is. So all the money goes into brick and mortar buildings, often ones we don't need, LOL, empire building by hiring sprees, etc.

            • (Score: 2) by canopic jug on Wednesday September 18, @12:35PM (1 child)

              by canopic jug (3949) Subscriber Badge on Wednesday September 18, @12:35PM (#1373213) Journal

              From what I read in the press the superintendents sure don't look at the long term costs including maintenance and upgrade. Then there is even the exit cost to include in the total cost of ownership, and that is hardly ever added in and instead counted as an externality until the day it inevitably comes back and bites them hard.

              Furthermore, I expect there were very few which had the wherewithal to inquire where the value added is with tablets such as iPads. How, really, truly, do they actually help with instruction? I'm pretty far from all that, and cannot imagine any situations where tablets can be of overall benefit. I can see where e-readers, but not generic tablets, might have an advantage over paper text books, but whether they are or not would come down to detailed cost figures which I do not have.

              The full dependency on vendors simply makes the payment unavoidable, and upgrade and maintenance are an unavoidable part of that. So you do have a point there. Whereas, in contrast, the in-house systems can be run while leaking oil and white smoke until something breaks or there is a major, publicized breach. Either way, the schools would be far better off with Free and Open Source Software infrastructure. Sadly they can't even imagine the prerequisites, such as control over the file formats.

              --
              Money is not free speech. Elections should not be auctions.
              • (Score: 2) by VLM on Wednesday September 18, @01:18PM

                by VLM (445) on Wednesday September 18, @01:18PM (#1373216)

                I'm pretty far from all that, and cannot imagine any situations where tablets can be of overall benefit.

                I have kids in the district that has universal iPads. The teachers oddly mostly have semi disposable chromebooks, admins usually have status symbol MacBooks that never run anything but Safari while looking expensive. Older kids can get a Chromebook instead of an iPad and ... maybe 75% of high schoolers do? It's a PITA to type an essay on an iPad.

                It seems to be a lot of small things. I would not say the district is paperless, but it's much less paper than back in the old days. Everything is a google form submission or shared doc that used to be literal paper signature forms in the old days. Processes are all online. So there's no real infra to photocopy a hundred permission slips and then file them, it's all online. Ditto stuff like work submission, kids never print out an essay and physically turn it in like gen-X era. Everything is via app or if there's no app it's via email. Almost nothing is done via paperwork anymore. If it's weird/custom it's done by email and google drive sharing, if it's common there's probably an app for it.

                The textbook mfgrs seem to have given up on selling ink on paper and sell packaged curriculums now. I'm not sure if it's better or worse; there is less tangible evidence of money paid (no stacks of textbooks) but the kids seem to like their PDF files. It's not that "Free" resources can't exist, but the paper trail to get something approved to be included is a PITA for individual teachers and the district already pays for a complete 8th grade English packaged curriculum (honestly the same stuff homeschoolers would use...). This is detailed stuff, it's surprising how little teachers have to think. "Read this out loud to the class: etc etc"

                There's a fair amount of gamification. No more math worksheets, it's all math apps, ditto language stuff. The kind of thing you'd see on an Apple II back in the 80s is now on apps. Including, believe it or not, a somewhat adapted Oregon Trail.

            • (Score: 3, Insightful) by sjames on Saturday September 21, @05:50AM (4 children)

              by sjames (2882) on Saturday September 21, @05:50AM (#1373765) Journal

              Security doesn't come from throwing money at hardware. Avoiding hardware that depends on the vendor's continued existence CAN (but won't necessarily) contribute to security. If last year's firewall is actually secure, it's still secure this year and next. It may become a bottleneck at some point. It will probably not be a one day it's fine, next it isn't sort of thing. There will be warning.

              Hardware does age and need replacement from time to time, but that problem remains with the cloud since the cloud does nothing without a working workstation and network to reach it.

              A properly designed distributed system will allow a school to keep running even if you cut the uplink to the network. It may not be ideal, and it may need to get that link back sooner or later, but the time for that should be measurable in weeks or perhaps days.

              • (Score: 2) by VLM on Saturday September 21, @04:28PM (3 children)

                by VLM (445) on Saturday September 21, @04:28PM (#1373829)

                A properly designed distributed system will allow a school to keep running even if you cut the uplink to the network.

                Local school district has dynamic badging set up with cameras and if you cache the pix locally then you have privacy violation-ish data retention issues. Also the lookups for background checks can't be cached for similar local storage issues.

                Really the problem is the concept of printing a custom badge for every visitor in real time including a basic background check of each visitor, but it's a level of security theater we won't be permitted not to have.

                • (Score: 2) by sjames on Saturday September 21, @05:21PM (2 children)

                  by sjames (2882) on Saturday September 21, @05:21PM (#1373845) Journal

                  How often does a school have a visitor that is not a parent? If the systems are down for some reason, wouldn't it be better to be able to have school on a school day and just not accept non-parent visitors?

                  Apparently, keeping things centralized didn't do a hell of a lot for avoiding privacy violations according to TFA.

                  • (Score: 2) by VLM on Saturday September 21, @08:07PM (1 child)

                    by VLM (445) on Saturday September 21, @08:07PM (#1373889)

                    Unfortunately parents get the badge; everyone who's not an employee with a permanent badge or a student with an issued ID gets a temp badge.

                    It's busy enough that whenever I visit I get to wait in line. "Big facilities" like a high school seem to always have a tradesman doing some kind of repair or upgrade seemingly every day, there's always someone coming and going.

                    They do not badge when the school is considered "public" pretty much if classes are in session and the kids are legally required to be present you need a badge, but no badge for athletic meets and performing arts.

                    Most of my visits were of a "porter" nature it would seem more efficient to pile musical instruments at the front desk but maybe they were concerned about loss/damage chain of custody type thing, so I'd get to walk to the music room, pretty boring actually. The halls look about the same as when I was there with the exception that they have exclusively digital clocks (no more analog clocks) and they have cameras EVERYWHERE like a prison.

                    • (Score: 2) by sjames on Sunday September 22, @01:11AM

                      by sjames (2882) on Sunday September 22, @01:11AM (#1373937) Journal

                      They necessarily have the badge printer and digital camera locally in order to be able to take the picture. The only part they couldn't do would be the mini background check, but the parents should be cleared already and their ID can be verified by their child.

                      Not sure what's up with all the tradesmen, I practically never saw anyone but the regular custodians doing maintenance on things my entire time in school. I can assure you it wasn't because the buildings were new, they were ancient.

          • (Score: 3, Informative) by ledow on Wednesday September 18, @05:44PM (1 child)

            by ledow (5567) on Wednesday September 18, @05:44PM (#1373244) Homepage

            Not really. Most of the 3rd party services are entirely independent of Microsoft on the client end. You could in theory upload / sync with anything, and they tend to upload/sync with MIS and/or AD or Google SSO. The MIS are almost all platform-agnostic because people use a lot of their features from iPads, etc.

            You could replace most of it. But what's a viable alternative to AD user SSO that works in the cloud and on a local OS?

            You can get 90% of the way there no problem at all, I've pretty much done that in the past. But at some point you inevitably find yourself having to build integrations by hand because the vendors don't have them, or you end up doing things like running Samba (or, back in the day, Open Directory and then the golden-triangle nonsense for Mac that thankfully is now dead because Mac supports direct LDAP / Active Directory sign-in nowadays).

            It's not MS's fault that people are dumb and only build for MS, and most of the major packages are actually supporting dozens of MIS, half a dozen integration services (e.g. Wonde, AD SAML, Azure, Google SSO, etc.) and they will gladly take money from you to build an integration into anything, really. They integrate into a dozen access control packages and if you have another, you just point the two companies at each other and they generally work it out. Wonde is basically a government service to DO THAT FOR YOU... it syncs from all the known UK school MIS packages to a central service from which other services can pick up a standardised set of data via a standardised API that's platform-independent.

            The problem is not that MS are forcing schools - in fact, Google do FAR MORE for schools than Microsoft ever have (and for free!) and running a Google-only school is the next best thing at the moment. Microsoft charge through the nose and are still business-focused and don't give a damn about, say, rolling out AI packages into your student data without obtaining your consent.

            But the fact is... people CHOOSE Microsoft almost every time, somewhere, for something, because it's what they're familiar with. It's the same story since the days of "netbooks" in schools, etc. where schools snapped up Asus EEE PCs and then couldn't work out why they "couldn't run Word" (and, no, OpenOffice - at the time - wasn't viable enough for them). Google schools will literally use Chromebooks running Google Docs on free Google Cloud storage with Google educational tools and Google admin built right in, and you can run ChromeOS Flex on any repurposed PC and tie it in as a full-service device no problem at all. That's what my previous school did.

            But the office? The headmaster? The marketing? Finance? They all try and then want Microsoft because it's just so pervasive. My previous school used to pay more for half-a-dozen Microsoft licences than it did for Google for EVERY SINGLE USER in a 550 pupil, 170 staff school.

            Fact is, Microsoft don't do anything and aren't even targeting education. Their education offerings are pretty shite and expensive. But USERS demand them. Not the admins, not the IT, not the vendors. The woman who sits in the office and the guy who logs on to check his email once in a blue moon.

            And I agree about the outsourcing. I'm about to tell our director of finance quite how much Microsoft would cost to move all our servers to it (in five years' time) as is the plan. It's prohibitively expensive. But I bet we end up doing it "because it's cloud" more than anything else, and by that time cloud will be out of fashion and we'll have wasted the money anyway.

            But MS's monopoly is still only a monopoly for the same old reason. Dumb people who won't adapt. Not teachers who are trying to get kids experience of the workplace. Kids aren't even using Microsoft in 1/3rd of schools. They don't notice or care, it's all just a browser to them. They don't even understand filesystems any more and have to be taught how to save and retrieve things rather than rely on recently-used and one-big-long-list-of-files. Not even joking there.

            Inevitably, in another decade or so, Microsoft will have obsoleted itself, especially with things like forced Windows Updates and fucking up the start menus, etc. Because it's already happening now.

            But you try to run a centralised user directory that integrates with hundreds of services without, at some point, realising that you could just spend a couple of thousand and put in an AD server and save yourself SO MUCH HASSLE that it's unbelievable. Even the techy guys like me admit defeat (I have been using Linux at home and as primary desktop since kernel 2.0 and early Slackware!). There comes a point where you're putting in systems that nobody else understands, nobody can manage, and which are inherently more fragile because of moving standards and de-facto standards, and don't save any money in the end through being "different".

            • (Score: 3, Interesting) by canopic jug on Wednesday September 18, @06:25PM

              by canopic jug (3949) Subscriber Badge on Wednesday September 18, @06:25PM (#1373252) Journal

              But the fact is... people CHOOSE Microsoft almost every time, somewhere, for something, because it's what they're familiar with. It's the same story since the days of "netbooks" in schools, etc. where schools snapped up Asus EEE PCs and then couldn't work out why they "couldn't run Word" [...]

              Yes, the Asus EEE 701 with Windows pre-loaded was indeed an utter failure, as M$ had intended. However, the very limited edition (just one production run) Linux based ones flew off the shelves. Unlike the Windows edition which had high return rates and low satisfaction, the Linux edition had very low return rates and high customer satisfaction. Sadly, M$ was allowed to interfere with Asus and convince them to drop the Linux edition after one production run and go all-in on the unviable Windows edition. That eventually contributed to the overall failure of netbooks as a concept.

              It also reminds me of the time a student I knew, against some detailed advice and explanations, bought a Vista based Windows laptop without the ability to expand the amount of RAM and without enough RAM to run most applications she wanted. I guess in defense of m$ at least M$ Word still ran, at least in a minimal capacity for short documents, even if Adobe's products and many other companies' didn't.

              As for people 'choosing' m$, that doesn't happen any more than drivers 'choose' SUVs. In both cases it has to do with the supply chain and control over the dealers or OEMs. There people have to buy what is on the shelf or do without entirely. Another factor is that m$, like other cults, uses its own unique terminology to isolate and control its victims. So it is not possible for people to look up what the original FOSS tools were that m$ is copying. For SSO that used to be Kerberos and LDAP [salon.com] until M$ permanently broke their client implementation to ensure that standard Kerberos and LDAP can no longer be used with Windows systems.

              However, none of that changes the observation that the success of ransomware in schools is derived directly from the presence of m$ products in the schools, regardless of whatever reasons they might be there. And that does not absolve those who ordered and deployed the m$ products of blame for contributing so heavily to the ransomware epidemic.

              --
              Money is not free speech. Elections should not be auctions.
      • (Score: 2) by VLM on Wednesday September 18, @11:42AM (2 children)

        by VLM (445) on Wednesday September 18, @11:42AM (#1373197)

        My personal experience in the USA is they categorize things like the attendance/school bus tracker app, the school notification/announcement email list, especially the security theater recording cameras, some plain old google workspace files, and the scheduling/calendar app all as safety-critical, so they would not open the school without them any more than they'd open the school without working water pressure or fire alarms. Google workspace files that I know of that are safety critical include the "hall pass kids" who are allowed to leave at lunch or leave early under various work/study agreements.

        The school has at least a minimal duty of care (VERY minimal) and they can't have kids at the high school level just wander away or go to fast food nearby instead of gym class. No cameras, no bus tracker, no schedule app, you have to close; the legal risk is too high.

        Another classic is you can't run a school with federal school lunch funding without offering school lunch unless you want incredible legal problems, and the lunchroom is as computerized as any other restaurant, so if the systems are down they can't order food, etc, so they "have to" close. They don't have the budget to operate "everything is free today" even for one day. Even if only 5% of the kids are on free-lunch programs they can't not feed them; that would be even worse, being seen as discriminatory by race etc.

        Generally there are no paper backups for scheduling; stuff changes too fast and it's "too expensive" to reserve the weight room or the music practice rooms on a fixed basis so it's all "just-in-time education". They could technically operate "first come first served" but that's questionable.

        If you cut absolutely everything to the bone to save pennies, eventually you lose thousands when someone reboots a PC somewhere and the entire system cascades down.

        • (Score: 2) by VLM on Wednesday September 18, @12:00PM (1 child)

          by VLM (445) on Wednesday September 18, @12:00PM (#1373202)

          security theater

          They have a new security theater problem, I just remembered that they rolled out badging last year to every building in the district.

          Wave your Driver's License thru a scanner and they background check or at least blacklist people (maybe whitelist, I donno) and they webcam your photo and print a guest pass sticker for your shirt if you're in a non-public area which is essentially the entire school aside from "open" after school events (athletic meets, etc).

          So all they need is one PC down, one dead printer, one network down, one broken camera, and then the school is essentially in lockdown.

          Remember this is a world of zero risk tolerance. Think of covid era, and these are the kind of people who think it's better to shut down the world, permanently if possible, than for one person to get a cough. They can't just "let visitors into the school" and they can't operate the school without a stream of visitors, so they more or less have to close.

          • (Score: 3, Interesting) by ledow on Thursday September 19, @07:27AM

            by ledow (5567) on Thursday September 19, @07:27AM (#1373338) Homepage

            Yeah, you've clearly never dealt with violent parents and from the sound of your spelling you're in the US where those parents have guns?

            Even in the UK we have banned parents from site - divorcee dads trying to take their child home when they don't have custody, people who have committed violence against teachers but you don't want to punish the kid for their behaviour, even had things like people speeding through the school site and they were refused entry and senior staff were required to come out and turn them away every day for 2 weeks before they got the hint.

            And if the PC is down? They open the gate and maybe man it. It's not hard.

            And in the country of guns in schools... I'd think you'd want to be infinitely more careful, to be honest.

  • (Score: 3, Touché) by bzipitidoo on Wednesday September 18, @10:34AM (1 child)

    by bzipitidoo (4388) on Wednesday September 18, @10:34AM (#1373188) Journal

    Schools have had inept IT ever since the invention of the home computer. In part the ineptness at IT is merely an extension of ineptness at, well, pretty much everything. It is so in character for them to cry "Ransomware! OMG, evil haxxors hacked us!" whether or not that actually happened. They might have royally screwed up some software deployment, and found it convenient to try to scapegoat mysterious hackers, as a CYA move. They'll even convince themselves the reason the software isn't working is because they really were hacked somehow. A claim purporting to be from a ransomware gang could as easily be a prank.

    The sort of school that demands strict obedience to all sorts of rules, discourages students from exploring, and quietly hates smart kids for the "trouble" they can cause from being too curious and nosy, is ripe for attack. They turn to the law to cover the gaping holes in security, make all kinds of things illegal. They want severe punishment to make an example of anyone who causes them Trouble. Scare the rest of the students into toeing the line. They don't seem to get that their attitude turns future hackers against them.

    Completely in character for schools to want the big IT vendor to keep them safe from that scary, scary world. To get them to embrace Linux will require a lot of cultural change.

    A statement like "Attacking just before the first day of school for young kindergartners demonstrates their amorality" is the sort of thing I'd expect to hear from school administration, not a "principal technologist". No, that demonstrates the school's folly with computer systems! If there is any point in a school year that a school should be best positioned to resist attacks, it's at the start! They've had months without any young users to worry about. Sure, the back office was in use almost the whole time, but even that has had some downtime that can be used to fix potential problems.

    When schools really have been hacked, it often turns out that they were grossly negligent with the security.

    • (Score: 3, Interesting) by VLM on Wednesday September 18, @12:09PM

      by VLM (445) on Wednesday September 18, @12:09PM (#1373204)

      If there is any point in a school year that a school should be best positioned to resist attacks, it's at the start!

      I agree with about 98% of your post. I would extend your remarks with the concept that they DISCOVERED they were attacked when school started. They probably got attacked during the summer, randomly months ago, but if the school is mostly or entirely empty, nobody notices. Some elementary school that hasn't had a kid in it, not even summer school, since before the 4th of July, probably got owned in July or August.

      Then some 3rd grade teacher tries to open her syllabus for the first time in months on the first day of school after Labor Day, gets some weird ransomware notice, then the shit instantly hits the fan, district-wide because it's not just her syllabus, it's all documents all users every file in the district. And then the school shuts down and it hits the news.

      It's kind of like how disaster recovery plans usually fail after a disaster because they're not used much, and trying it is how you find out your DR doesn't work.

      Also don't forget that schools are kind of BYOD now. Who knows what happened to some random teacher's MacBook on some random wifi at some random Starbucks way back in July, but now she's plugged directly into the district LAN behind the firewall connected to everything in the school, and ...

  • (Score: 1) by Runaway1956 on Wednesday September 18, @12:44PM

    by Runaway1956 (2926) Subscriber Badge on Wednesday September 18, @12:44PM (#1373214) Journal

    I've read the article, and all the comments. My takeaway is, the education system fails, and fails hard. There's a lot of crap happening in our schools, and education is near the last priority within the school system. The IT failures are just one symptom of the overall failure.

    IMO, we need to scrap the system, and return control of local schools to local control. As inept as my own county government is, they are far more capable of teaching basic life skills than Washington, or Little Rock. You can trust a bunch of redneck hillbillies to educate their kids more than you can trust Washington, DC, or in the UK, the Crown.

    --
    “I have become friends with many school shooters” - Tampon Tim Walz
  • (Score: 2) by sjames on Saturday September 21, @05:52AM

    by sjames (2882) on Saturday September 21, @05:52AM (#1373766) Journal

    They missed an opportunity to teach the kids at a young age that you can get by when technology fails and how to do that. Except nobody there actually knew how to do that and so they actually couldn't.
