Baltimore County Public Schools (BCPS). (Courtesy Image/Logo)

By J. K. Schmid
Special to the AFRO

Baltimore County Public Schools (BCPS) continue to recover from a “catastrophic” cyber attack on its systems Dec. 9.

“As pleased as we are with the progress that we’ve made so far in our recovery from the ransomware attack, especially in terms of resuming instruction, it’s important for everyone to understand that we have a long way to go,” BCPS reported from its website.

The BCPS attack is being dated to the Wednesday before Thanksgiving, though video services cut out midstream Dec. 8. Teachers reported that their devices were experiencing problems late that evening via social media.

BCPS did not report to the public when the malicious code, sometimes called malware, was inserted into the BCPS system, nor has reported what parties, wittingly or unwittingly, gave the attackers access.

A ransomware attack removes an owner’s access to a system until a ransom is paid or a demand is met.

BCPS reports “no evidence of data theft or exfiltration” at this time, but details of the crime and extent of the damage are not being released. BCPS has not released the amount of the ransom, if it was or if it will be paid, and has not reported whether they are in contact with the attackers or their proxies. BCPS does report that they are working now with federal and local law enforcement and Maryland Emergency Management Agents (MEMA).

Classes resumed Dec 2. “Our students and teachers are actively reengaged in learning. Our student attendance is returning to levels from before the cyber attack,” BCPS reported of its own status and progress, Dec. 7.

“Unfortunately, we are limited in what we can say due to the ongoing federal, state and local investigations,” BCPS said through its Twitter account on Nov. 27.

BCPS published its own audit of its network vulnerabilities in a report dated Nov. 19.

“Significant risks existed within BCPS’ computer network,” the report stated. “For example, monitoring of security activities over critical systems was not sufficient and its computer network was not properly secured. In this regard, publicly accessible servers were located in the BCPS internal network rather than being isolated in a separate protected network zone to minimize security risks.”

Without details from BCPS on the nature, origin, and extent of the attack, it cannot be determined if this observed vulnerability is what the attack took advantage of.

BCPS has an over $1.5 billion budget and serves 117,000 students.