Iowa school district cancels classes another day due to cyberattack

One of the biggest school districts in Iowa plans to shutter its doors again on Wednesday after canceling classes today due to a cyberattack. 

On Monday, Des Moines Public Schools – which serves 30,000 students and has nearly 5,000 staff members – said it preemptively took the school district’s internet and network services offline in response to “unusual activity on the network.”

An investigation was started by the district’s IT staff as well as outside cybersecurity consultants, but access to the internet, WiFi, and various networked systems at school buildings and district offices was limited. 

By Monday afternoon, the district decided to cancel classes for Tuesday.

“Because many technology tools that support both classroom learning as well as the management and operation of the school district are not available at this time, the prudent decision is to close the district for the day,” the district said in a statement, noting that some staff would be working remotely. 

On Tuesday morning, the district said its network systems remained offline as they worked to resolve the disruption. 

They said their goal is to “remove any and all threats” from their systems and to make sure all devices are “clean.” Access to systems with student information, educational programming, and numerous operational functions remained offline on Tuesday.

In an update, the district said it would be canceling classes again on Wednesday as they continue to work to restore systems. All activities and athletics would be canceled on Wednesday. 

There will be no school on Wednesday, January 11, due to an ongoing recovery from a cyber security incident this week. Follow the link for a full update. https://t.co/ru5oZIxrku

— DM Public Schools (@DMschools) January 10, 2023

The school district said in a statement that they hoped to reopen on Thursday. In one sign of progress, officials said the district website was back online, allowing them to communicate and share updates with parents. 

The outages come just one week after several schools across Massachusetts were forced to cancel classes last Wednesday due to a ransomware attack. 

Emsisoft threat analyst Brett Callow said 45 school districts in the U.S. were impacted by ransomware in 2022 and at least 24 of them had data stolen – including in a headline-grabbing attack on the second largest school district in the country.

That incident – which affected Los Angeles’ LAUSD school district – prompted intervention from the White House and several federal agencies. 

Last year, the same group behind the Los Angeles incident claimed to have attacked the Linn-Mar School District in Iowa. The Des Moines Register noted that several other school districts in Iowa have faced cyberattacks and ransomware incidents including Glenwood Community School District, Cedar Rapids Community School District and the Davenport Community School District. 

Officials in Glenwood ended up paying a $10,000 ransom to address their ransomware attack, according to the local newspaper.