A technology audit by an independent firm revealed that the Sunflower County Consolidated School District is operating with some outdated technology that could place the district in a vulnerable position with hackers.
Technology Supervisor Sylvester Washington said, “Basically he said our network wasn’t horrible, but it was in medium risk.”
Washington said the report confirmed some things that they already knew. His first reference was to the data relay switches and he also mentioned older computers in use that were running Windows 7 software. He said those computers must get off of the district’s network.
Pointing to the equipment in the room, Washington said, “Those switches, they never turn off. They’re on 24-7, so the lifespan of those switches is three to five years.” He surmised that the switches now in use are more than 11 years old. “So it’s time to update,” he said.
Washington explained that because of cybercrimes and other electronic criminal elements the equipment should be changed out as new technology is developed and not have the replacement delayed until it just stops working like you would handle a major appliance in your home.
He said in times past using outdated hardware may not have been a big issue; however, with the increase in and more sophisticated means of hacking into systems and ransomware technology the risk now is much greater. “Once those switches are out of date, they stop sending out security patches. When you stop getting security patches it means you can get hit by viruses and ransomware,” he said.
Washington named several school districts in Mississippi that have recently been hit by cyber bandits who held those districts’ information hostage and requested a reward to release it.
Mentioning one district in particular, he said, “Teacher opened up an email, teacher clicked on a link, sent out a virus ransomware, now they (the hackers) are requesting $1.2 million to get their files back.”
He told the board members that he is trying to prevent that from happening to this district. He indicated that his current budget includes three new servers and a backup device and that the switchers will be included in his financial plan for next year.
Adding affirmation to what Washington stated, Superintendent Miskia Davis said that the district had been trying to get as much use as possible out of the old computers, but stressed that after January of 2020 they will be obsolete and no longer able to be used. Washington added, “You can’t even test on them, no state tests.”
Davis said the district ordered the audit after she and members of the SCCSD board of trustees witnessed a recent presentation at the state board of education’s leadership conference that raised concerns about cybersecurity and the possibility of network hacking.
She said the conducted study was a complete audit that covered all of their technology and resources. “And the reason we wanted to do that is because Mr. Washington has really been looking at adding some things (and) that’s going to require money, so we wanted to have some definitive facts to share with the board to support why things are going to need to be purchased,” she said.
Davis praised Washington and his team for their efforts to keep the district safe and protected. “They have been going from school to school training the staff on how to be more secure.”
Washington maintained, “They say it’s not if you get hacked, but when you get hacked. But, I think we’re in a good position because we don’t house a lot of our files.” He said the files to several key components of the district are backed up and housed off site by companies who have measures in place to protect the district’s data.