MPS: it was a Worm!
Computer glitch brings back pen and paper
Montgomery Public School officials say almost all of the computer functionality has been restored—-after a worm infected one of the system’s servers.
When teachers started reporting problems on Monday, MPS officials initially said there was no indication their computer problems were the result of a malicious attack.
They say they noticed unusual activity last Saturday. As a safety precaution they shut down a server. That prevented teachers and administrators from using email…and from going online at all when they returned from the Thanksgiving break.
They issued an update statement today saying the server had been infected by a worm:
“On saturday, Nov. 25, the Montgomery Public Schools information technology department detected suspicious activity on a data center server. Closer examination revealed that the activity was malicious. The IT department made the decision to isolate the data center and shut down key servers. working in an isolated environment, server administrators identified the malicious activity as a new strain of a bitcoin-mining worm. the worm infiltrated our data center through an older, vulnerable Microsoft exchange server. The IT staff eradicated the worm and sent microsoft data logs, allowing them to update their security definitions.
The IT staff was already in the process of decommissioning the vulnerable server by migrating to gmail as part of google’s free g suite for education services. This allowed us to quickly reconfigure and expedite the migration. The vulnerable server is now decommissioned, and the security of the MPS data center has been fully restored. At no point during this process was mps student or staff data at risk.”
Teachers and Administrators will be able to use email and go online when they return to work on Monday…after several days using very low-technology equipment in the classrooms: pen and paper.