When Oscar Silva’s first-grader tried to log onto Humble ISD’s online learning platform for his first day of school on Tuesday, his screen lit up with an error message.
His two high school-aged daughters were able to log on without issue, but issues with his son persisted for several hours. Soon after the issues began around 8 a.m., he saw a tweet from Humble ISD Superintendent Elizabeth Celania-Fagen. She said there had been a coordinated attack on the district’s computer servers, in what’s known as a denial of service attack. Thousands of teachers and students were unable to log on for about an hour as a result, fraying the nerves of some.
“We are working to isolate and resolve” the problem, Celania-Fagen tweeted shortly before saying IT officials had stopped the attack on the online learning platform, called My Humble.
“Zoom, websites, adult emails etc. all working fine. Our extra security for students requires them to go through My Humble.”
Humble ISD officials did not respond to multiple requests for comment.
Cybersecurity is a major issue for school districts across the country as many prepare to start their school years 100 percent online. Despite the new reliance on technology, education systems and education-based technology companies are by far the most targeted by malware, according to Microsoft Security Intelligence. In just the last 30 days, software in the education sector was the subject of more than 5 million enterprise malware encounters, according to Microsoft, compared to 3.33 million such encounters in all other industries combined.
The attacks are not new for local schools. In 2016, for example, Katy ISD warned about 78,000 students and staff that their personal data — including Social Security numbers, names and birth dates — may have been accessed during a security breach.
The type of attack that affected Humble ISD typically employs a network of hijacked computer devices that cause a flood of traffic to hit a certain server all at once, causing it to crash, said Juta Gurinaviciute, chief technology officer at the NordVPN Teams computer security firm. Often times, these attacks use virtual cloud-based machines instead of an attacker’s personal machine in order to hide the source of the onslaught.
Gurinaviciute said the company sees thousands of these types of attacks each day.
“Just like with any other tech platform, learning and EdTech platforms are vulnerable to such attacks,” Gurinaviciute said. “If a massive DoS attack hits a server, basic security systems fail to respond in time. For users, that means that they will most likely not be able to access the platform, or access it with only very limited functionality.”
There are some ways districts can protect themselves from these types of attacks, the cybersecurity expert said, such as limiting access based on users’ location. That would mean only people with a certain location attached to their IP address could access the platform, which would protect servers from outsiders. However, that would only offer some protection.
“There are various ways to protect the platforms but unfortunately, DoS attacks will never be over as a threat,” Gurinaviciute said. “The attack vector is too effective and cybersecurity is always playing catch up.”
Silva said he wasn’t concerned about the attack. He said he knows the attacks are common, and it only inconvenienced his first-grader and wife for a couple of hours. Others on a Facebook forum he runs for Humble ISD parents were more concerned, saying their students were counted absent and that the inability to access My Humble may have been the result of poor planning for so many to log on at once.
Silva said he believes it was an cyberattack.
“I offered to buy the IT guys tacos on Twitter. It happens,” Silva said Wednesday. “I know a lot of the parents were questioning if that’s really what happened, but either way we recovered really quickly. And today there were no hiccups at all.”