CRCSD will resume summer operation on Monday after “cybersecurity incident”, give no specific details over incident

Published: Jul. 8, 2022 at 10:05 PM CDT
Email This Link
Share on Pinterest
Share on LinkedIn

CEDAR RAPIDS, Iowa (KCRG) - According to an email to parents, The Cedar Rapids Community School District will resume summer operation on Monday, July 11.

The email gives no specific information related to a week-long district closure after a “cybersecurity incident” announced on July 4. District Officials told TV9 legal counsel was advising the district to not comment on a situation leaving parents struggling for childcare and nonprofits organizing to serve meals.

Nicole Kooiker, who is the deputy superintendent for the district, wrote some phone lines at the district may be unavailable and parents could reach the district at (319) 521-4452 or with any concerns or questions.

“We are looking forward to having our students and staff back on-site as we resume our summer programming opportunities,” she wrote. “We look forward to seeing everyone on Monday.”

Two experts told TV9 the district likely was facing a Ransomware attack on Thursday. A ransomware attack, according to the U.S. Department of Treasury, is when a hacker asks for a payment after using malware to block access to a computer system.

The city of Muscatine dealt with a ransomware attack for about a month in 2018.

Kevin Jenison, who is the communications manager for the city of Muscatine, said the city with two IT employees brought in the FBI, lawyers and spent around $50,000 on third-party cyber security companies. He said the effort led to officials finding the same ransomware in other cities.

“If we are going to stop these attacks at all,” Jenison said. “The federal government has the resources to develop the systems and go after these people.”

Officials from the Cedar Rapids Community School District have declined to say if money or if student or staff personal information was stolen.

Jenison said he believes the district can be more transparent regarding the situation.

“There’s no reason to not tell people what’s going on,” he said. “School districts are a little bit different even the ones here in Muscatine. But, you should be able to tell people what’s going on.”

Doug Jacobson, who is a professor at Iowa State University, said the district might not even know the extent of their issues. He said it can take days to weeks to understand the consequences from a potential hack.

“In some sense it’s not they are necessarily withholding, they just might not know yet,” Jacobson said. “It typically takes days or even a week to figure out what they may have done.”

Jacobson also said parents shouldn’t have concerns until more details are released related to the “cybersecurity incident”.

The Cybersecurity and Infrastructure Security Agency (CISA), which manages cybersecurity threats across the United States within the Department of Homeland Security, and the FBI both said they are aware of the situation involving the Cedar Rapids Community School District.

A report from CISA published in 2021 said an increase in cyberattacks happens during holidays and weekends. CRCSD made the announcement about its cyber incident on July 4th.

Copyright 2022 KCRG. All rights reserved.