The North Dakota Information Technology Department said that in February, malware attacks were carried out on one third of the North Dakota schools. The hackers behind the attacks came from various international locations, including North Korea, and the malware was downloaded from multiple access points.
According to ITD's director of Security Sean Wiese, hackers used DoublePulsar malware to give "bad actors" the ability to infiltrate other systems.
Wiese says that this malware can infect a computer if a user simply clicks something that they would not click.
"The most common attacks are by phishing – it costs you to click something that you should not have," he said. "The attackers are difficult and everyone is susceptible."
According to Wiese, it took 30 to 45 days for the malware to be completely eradicated from their STAGEnet system, a network that all North American state employees use. Although no information has been lost, North Dakota State Superintendent Kirsten Baesler says that it is calling for a greater drive to combat hacking issues.
"Shawn Riley, chief information officer at ITD, and his team let me know that this happened, the infringement was embedded and sealed, no data was lost," Baesler said. "I was very happy to know that there was no damage, but it was an opportunity for Sean and I and the state (to talk) about what we should do to ensure that these violations do not happen, and ensure that we there is not an access point for further attacks. "
Malware that enters systems such as the STAGEnet can infect more confidential government departments, such as the treasury, the ministry of agriculture and more. There are 252,000 users who have access to STAGEnet in North Dakota, and the school computers are just an entry point for what could be much more confidential information.
"This event is no exception, it is happening more often now and they are getting more and more skilled by going beyond the firewall", says Baesler. "We have 450-plus school buildings, it is unrealistic to think that we can build a strong enough firewall to support this, and K-12 is committed to working with the technology department, so we may not be the starting point."
Wiese says that coordination between cybersecurity departments and the K-12 system is the most crucial part in dealing with such a nasty situation.
"We are trying to align our security initiatives with the K-12 arena, we want to be on the same page and create a unique approach to cybersecurity, so that we react in the same way when things like that happen," he said.
Wiese added that they "work as a trifecta of cyber experts, technology tools and our K-12 staff."
The trifecta, which Wiese calls, is supported by Baesler with a coalition consisting of cyber professionals, new protective technologies and the teachers' board.
The K-20W coalition will establish a set of standards and train teachers to annually inform students K-12 about cyber security, encryption and computer science.
"We have formed this state-wide coalition to talk about cyber security and computer science (We are) using the threefold approach so that every student has access to and exposure to computer security standards," Baesler said.
That curriculum starts in February 2019, according to Baesler.