Editorial: RSS’ cyberattack still plaguing systems

Published 12:00 am Sunday, February 13, 2022

A cyberattack against Rowan-Salisbury Schools is turning out to be more serious than the district initially let on.

More than a month after the attack — first called a “cyber incident” — many computers running Windows aren’t back in use. Last week, RSS failed to notify a number of families about a two-hour delay. The issues are not the fault of Rowan-Salisbury Schools staff, but they must provide the public continued communication about what’s going on, even if some things are allowed to be kept private by state law.

So far, the public knows RSS experienced a cyberattack Dec. 29 that brought down the district’s servers and “significantly impacted” all Windows devices connected to the network. A compromised user account was involved in the attack, the district announced Dec. 29. The National Guard sent staff to collect data on the incident and state officials have traveled to Salisbury to help.

David Blattner, who leads RSS’ information technology staff, said last week some departmental files and notes can’t be recovered. Many internal programs don’t work and RSS staff are rebuilding them. Career and technical education computers haven’t been functional for more than a month.

On Tuesday morning, RSS also learned parent information hasn’t been synced to the district’s system on a nightly basis, which resulted in some parents not being told about a two-hour delay. This meant students standing at their stop — perhaps after their parents left for work — and not seeing a bus for hours (or even at all if they gave up on waiting). Parents who didn’t get a call or notification and don’t check social media frequently likely found out through a family friend or through a child’s texts with friends.

Rowan-Salisbury Schools isn’t necessarily to blame. It found out the cyberattack affected communications on Tuesday, too, and recommended parents get in touch with the data manager at their school if they didn’t receive a message.

It’s not out of the realm of possibilities another otherwise functioning system could be handicapped. RSS staff may only find out when they try to use it again. If they haven’t already, district staff should conduct quality assurance checks even on programs, hardware or software only used a few times per year.

The good news is the attack reportedly didn’t impact financial, payroll or human resources systems. So, however bad the incident was, it could have been worse. Still, parents, students, educators and the public need continued communications about how RSS is recovering from the cyberattack.

Technology is just as important to the learning experience in 2022 as heat in the depths of winter. So, the public also needs to know how the school system will prevent a similar cyberattack incident from occurring again. The school board should know, too, whether it can take steps to prevent different and more severe attacks from happening.