Malicious Software Hits Bigfork School District Computer System

Superintendent: It does not appear any information or files have been stolen by the ransomware

By Dillon Tabish
Bigfork High School on Oct. 6, 2014. Greg Lindstrom | Flathead Beacon

Bigfork school officials are restoring their computer system after a malicious software virus infiltrated the district’s server.

Matt Jensen, superintendent of Bigfork Public Schools, said this week the district’s server was hit by ransomeware, a type of malware that covertly installs itself, similar to a Trojan horse virus, and locks up a computer system and all of its data before requesting a payment to unlock it.

Jensen said the district is not paying the ransom, estimated at a few thousand dollars, and the district’s information technology staff is in the process of restoring a backup of the server and all of its files. The computer system is expected to be restored by the end of the Thanksgiving holiday break.

Jensen said it does not appear any information or files have been stolen by the ransomware.

“The nature of these ransomware viruses is to get inside a system and encrypt the information and lock it up,” he said. “There’s really no evidence suggesting (hackers) move it or take it or use it for anything.”

The information impacted by the ransomware included students’ grades and the district’s directory with contact information for parents and staff, Jensen said. Staff members’ Social Security numbers were also part of the information that was encrypted by the malware, and Jensen said the district has taken out fraud protection insurance for its staff members as a precautionary measure.

Due to the hack, students’ grades are not able to be updated online this week, Jensen said.

Jensen said the district became aware of the ransomware on Monday and alerted the Flathead County Sheriff’s Office. It’s impossible to know exactly how the ransomware was able to infiltrate the district’s server due to the covert nature of these software attacks, Jensen said. The district does have anti-virus software in place, Jensen said. The most common way for ransomware to infiltrate systems is through email attachments that are simply opened on one computer and quickly spread throughout a server.

“We’re not faulting any employees. Nobody did anything wrong,” he said. “These are pretty sneaky, sophisticated viruses that can work their way in.”

Jensen credited the work of Don Richardson, the district’s former computer network manager, who created the backup system that is being utilized. Jensen also applauded the efforts of Tim Ehlrich, the computer network manager, who is cleaning the server and restoring the system.

An open letter to parents explaining the situation has been posted on the district’s website.

Stay Connected with the Daily Roundup.

Sign up for our newsletter and get the best of the Beacon delivered every day to your inbox.