Mineola School District Fights Off Ransomware


The Mineola School District was a victim of a nasty virus that infected the school’s computer network this year. At the most recent board of education meeting, Superintendent of Schools Dr. Michael Nagler gave everyone an update about where the district stands post-virus.

“We have been victims of a malware attack on our computer network that is affecting all of our equipment so we’re slowly, but surely bringing things back to a clean network,” said Nagler.

Back in January of this year, an employee within the school district downloaded a virus onto their local computer in school. The virus sat on the computer for six months and made its way into the district’s network with the intention of looking for vulnerabilities to exploit.

“Let me be very clear, no personal data was breached since there is no personal data on our network,” explained Nagler. “[The network] is basically our files, our old Excel spreadsheets and Word documents. Anything that has sensitive information is in a different system off of our network, which was not infected at all. Our entire school management system and our business management system was not infected or compromised.”

The intention of the virus, according to Nagler, is that it contacts the “bad guys” and lets them know its progress.

“We do have antivirus software,” said Nagler. “This is a very sophisticated virus. If it was blocked, it figured out what was blocking it, it adjusted its virus and attacked again. That’s why it was slow and steady over six months. I believe on Aug. 4, that virus bad guy sold our vulnerability to another bad guy in the form of ransomware. What ransomware does, it encrypts your entire network, all of your data on your network and you’re locked out. A screen comes up that says ‘You’re infected with Ryuk. Pay me.’”

Nagler added that the district was very fortunate that it had heard about another district that had a similar attack a week or two earlier.

“Our network engineer started to cut things off,” Nagler said. “He closed ports and closed any outgoing communications. He took our backups offline, which turned out to be our most fortunate occurrence. When the virus struck it did cripple our network, but it did not infect all our data. So therefore, we had no reason to pay a ransom. We didn’t entertain it. We had Homeland Security and the FBI involved. As soon as we said we weren’t paying the ransom, the bad guys became moot because we didn’t engage them in any communication about the ransom. We’re in very good shape now. Our data is current. We haven’t lost it. Be patient with us. I know that our phones and emails were out, but we brought everything back as quickly as we could.”

When the Mineola American reached out for comment about the incident, Nagler responded that the district has now installed two new antivirus softwares as well as a device that will monitor outgoing messages from the network.

Leave a Reply