Password policy changes, employee training, automatic upgrades of firewall and anti-ransomware programs and frequent back-ups.
These are some of the ways Haverhill school department is strengthening its computer systems to avert another cyberattack as happened last April. Douglas Russell, director of technology for the schools gave the School Committee a rundown of the procedures they have taken.
“Once the cyberattack happened, we immediately went into a mode of removing devices and taking information away, to make sure that it wasn’t going to continue in our network. We started to recover all of our systems that were infected so that we could get the network back up and running,” he explained.
Russell said the process, which took about two weeks, also determined who had information compromised in the attack and what that information consisted of. He said about 140 computers were compromised by the attack, affecting 277 people. Haverhill school Superintendent Margaret Marotta told the Committee earlier that student records were breached and those affected are being contacted.
Russell said staff began working with other cybersecurity agencies performing a deep dive into the network to find ways to keep a similar attack from happening again.
“The very first thing we did, we upgraded our server system in the network and we added redundancy to our backups. Along with that, we’ve restructured the team and, now, we have groups of people who understand the different systems. We’ve updated our password policy. We’ve made people change their password and we’re making them cycle their passwords every couple of months. We’ve upgraded our ransomware and anti-virus system,” he said.
Russell said his team is now performing quarterly audits, looking for possible vulnerabilities. He added they are also performing information backups on a much more frequent basis, ranging from every 30 seconds to every two hours.
While Russell admits cybersecurity is an ongoing threat and no system is ever totally safe, he said he believes these steps will help keep the system safe from future attacks.