Schools turn attention to cybersecurity

Recent news accounts of hackers holding data “hostage” has local school officials beefing up cybersecurity in efforts to protect personal student data and sensitive accounting information.
The cost for the added protection (not yet known) will add to the 2021-22 school budget.
School board members were informed of the budget increase during their May 13 work session and special meeting.
Wade Hiller, Luverne Public School’s technology coordinator, told board members and administrators of his cyber security concerns.
“The world we live in today, everything is online,” Hiller said. “With highly trained, large businesses being hacked, what can we (a small school district) do?”
As more reports of businesses’ systems being hacked come forward, stories of how data is encrypted and how disruption is caused when computer systems are compromised is causing area school boards to look at options for protection.
Often the hackers demand millions of dollars for the codes to return the encrypted information back to useable form.
Hiller said conversations with other school technology coordinators and advisers with the Southwest/West Central Service Cooperative have pointed toward the purchase of cybersecurity insurance.
As a stipulation for coverage, schools must implement a multi-factor authentication process for internal access to the sensitive data. Essentially staff would need to successfully sign into the computer system twice before access is granted.
As a Google school district, Hiller said the software for the MFA is already available and ready for implementation this summer.
July 1 is the district’s insurance renewal deadline. The exact premium cost was unknown at the time of the workshop.
Hills-Beaver Creek School District is also investigating similar authentication process and cybersecurity insurance.
 
Local business knows cyberattack firsthand
Four years ago the computer system at the Luverne Farm Store experienced a cyberattack, according to business owner Nate Golla.
The encrypting of the feed store’s accounting and inventory systems took six months to rebuild and the cost took the business years to recoup.
Golla found his current cybersecurity insurance didn’t cover the type of ransomware attack the farm store experienced.
Because the attack happened during the day, Farm Store personnel unplugged the computer system during the encryption process. No information was actually stolen by the overseas hackers.
“They take nothing from you,” Golla said, “but encrypt the information on our server. Insurance only covered if whoever was in there took something.”
Because the hackers were stopped as the attack took place, the Farm Store didn’t receive any demands for money to receive the codes to undo the encryption.
Instead, Golla and his staff spent six months recreating the accounting data from daily reports and spreadsheets not harmed in the cyberattack.
The process was finished in April 2019 and the financial records are now considered clear.
However, the effects from the hacking were felt financially for several years.
From his experience, Golla recommends and encourages business and organization leaders to read through their cybersecurity insurance to be sure they are protected against cyber threats.