K-12

New Mexico school district still offline from ransomware

Administrators, who have shut down systems as they resolve the issue, say they're "not exactly sure" when they'll be operational again.

By Betsy Foresman

November 1, 2019

(Taylor Vick / Unsplash)

All computers and internet servers across the Las Cruces Public School District in New Mexico were shut down last week in response to a ransomware attack. Administrators of the 39-school district confirmed Monday its servers will remain offline indefinitely.

“There are still a lot of questions about the ransomware attack at LCPS,” Karen Trujillo, LCPS interim superintendent, said in a tweet. “Please know that we are not the first district to be attacked and we won’t be the last.”

Trujillo confirmed in her tweet that no data was breached as a result of the attack and that school operations will proceed as normally as they can.

“Teaching, [individual education plans], and evaluations will continue daily,” she said. “We are here to serve our students. This is temporary and we will get through it together as a team. Be positive, be resourceful and connect with each other in a different way.”

The ransomware was discovered on district servers in the early morning of Oct. 29, after which district officials took to Facebook and informed parents and students that the district was experiencing “technical difficulties with internet and phone services” and was working quickly to resolve the issue.

However, district officials still do not know when school computers and internet serves will be running again.

“Our system is still down,” a spokesperson for LCPS told EdScoop. “We’re not exactly sure when it’s going to be back up and running.”

According to Trujillo, internal email has not been affected but staff is unable to send or receive email from outside the district. In light of this, teachers and administrators will use the communication platform Remind, and phones to keep parents informed.

“The IT department is working overtime to get everything up and running in a systematic way so that we get it right the first time,” Trujillo said.

As a precaution, New Mexico State University has blocked direct network access to LCPS as well as incoming IP addresses from the district, the Las Cruces Sun News reported. NMSU staff were also asked not to open any emails from LCPS accounts until IT issued an all clear.

The attack is just one in a string of recent ransomware attacks against public institutions from foreign actors seeking to collect bitcoin payments. According to StateScoop’s ransomware data, 23 school districts have been hit by ransomware since August.

Editor’s Note: This story was updated on Nov. 4, 2019 with additional information.