ITI Vice President Mark Worthy said Tuesday the college's computer personnel were working to get all the servers in the system back up and are making progress. But in the meantime, since many on staff began before automation, they're starting to go through the documents that backup the databases to ensure that grades are recorded and financial aid gets to the right people.
"Full functionality? Not sure when because of the complexity," Worthy said. Some of the critical systems are coming back online. Classes for the 605 students are continuing. Communications, however, have been crippled, so administrators are visiting classrooms to convey information.
What's taking time is that the technicians are reconnecting each server for computers used by students and administrators on the six-acre campus only after checking to ensure the code is clean.
Technicians traced the ransomware attack back to the Czech Republic. The attackers replicated an employee's contact list and sent out emails to faculty and staff that looked like the real thing. The messages asked the reader to click on an expected report, which one of the employees did on Monday, Jan. 27. In the dark hours of the following Wednesday morning, the school's IT administrator was checking the network, as she usually does, and found suspicious activity. She disconnected all the servers from the internet, then started looking for the impacted systems, Worthy said.
But the ransomware was able to encrypt some of the databases and keep the school from accessing their files. Eventually, the techs found a message to contact the attackers for instructions on how and how much to pay to regain access to the databases. "We won't pay and we won't contact these criminals," he said.
Initially, Worthy offered to hire specialists to work on the problem. But his IT staff argued that they would be more familiar with the architecture of the system. Besides, the school teaches information technology and has faculty and staff able to handle the problem.
Unlike, the City of New Orleans or state government, both of which were hit by ransomware attackers, ITI is a privately owned college. State government's teams and experts are not available to the school.
Gov. John Bel Edwards is expected to discuss cybersecurity Wednesday in a speech before the Louisiana Municipal Association, whose members include several localities hit with crippling cyber-attacks.
"We're running this rodeo on our own," Worthy said. "Fortunately, we teach IT, so we have a lot of really, really sharp people already on staff."
Worthy said ITI would be contacting police and the FBI after the system is back up and the incriminating evidence is collected.
Similar ransomware attacks have previously crippled Louisiana state agencies, city governments, and school systems.
In November roughly 1,500 of the state's 30,000 computers were infected by cyber attackers. The hackers blocked access to the state's data until a ransom was paid. The state refused to pay but had to shut down systems that disrupted state services, such as slowing delivery of food stamps, as well as closing the Office of Motor Vehicles for several weeks.
In December, the City of New Orleans shut down its computer systems while technicians cleaned the ransomware out of code and reloaded the information onto city computers.
©2020 The Advocate, Baton Rouge, La. Distributed by Tribune Content Agency, LLC.