New Jersey school district forced to cancel final exams amid ransomware recovery effort

Tenafly Public Schools in Bergen County, New Jersey is in the process of recovering from a ransomware attack that began on June 2. 

The school was forced to cancel final exams as they restore systems and address the incident, according to district communications manager Christine Corliss.

Corliss told The Record that they initially noticed that their files were not able to be accessed normally last Thursday before cybersecurity experts were brought in to help. 

“It looked like our servers were not operating correctly, so they immediately shut everything down to isolate the incident and to begin investigating what was going on. Our servers were down and they needed to figure out why,” Corliss said. 

Cybersecurity experts discovered ransomware on their systems and pulled in the FBI as well as state officials and the school’s cyber insurance provider. 

The parent of a student at Tenafly Public Schools, who asked not to be named, told The Record that all of the school’s Google Classroom, grading and other systems were offline because of the attack. 

“Final exams have been canceled. We don't know what's going to happen with graduation. It's seriously nasty. There is total radio silence from the administration and board. Presumably state and federal officials involved,” the parent said.

Maria Prato, director of communications for the New Jersey Office of Homeland Security and Preparedness, declined to comment on the state’s response to the attack and directed all questions to the school district. 

Corliss confirmed that final exams had been canceled because teachers were concerned that the tests, slated to start on Monday, would be unfair to students who had been locked out of systems with their notes for the whole week. 

Corliss said the school’s systems are still down and they are in the process of restoring it. They do have access to some parts of the system but their security experts are installing additional security software as they bring everything back online. 

“People do now have access to Google Workspace, Google Classroom, Google Drive and all of that. They can do their work that way. In the interim, the teachers and staff have been going old school, using projectors, paper and pencil, hands-on activities and projects to keep the curriculum going and the learning going,” Corliss explained. 

“The kids kind of liked it because they aren't used to the overhead projectors, so they thought it was cool. We did make the decision to cancel finals on Tuesday because the kids hadn't been able to get to their Google Space, which is where their notes and reviews for finals would be. We did not feel that was fair and we didn't want to increase their anxiety levels over this because they would have so much less time to review their work.”

The school is now working with law enforcement agencies and the FBI to recover from the attack. Corliss did not have information about which ransomware group attacked the school. 

She could not say when the school will fully recover but noted that the recovery is “progressing well, so we expect soon.”

Corliss noted that the incident was the exact opposite of the situation they faced at the onset of the COVID-19 pandemic, when they had to digitize everything and move to computer-based systems.  

“We’re lucky that we have a staff and students that we have because they were able to very quickly, when COVID came into play, move to 100% technology. So now we kind of had to do the reverse and they were able to do it,” she said. 

“They were very quickly able to move from this very high percentage of technology in the classrooms to no technology.”

Emsisoft threat analyst Brett Callow tracks cyberattacks and ransomware incidents targeting school districts and colleges. 

He noted that at least 10 U.S. school districts with 237 schools among them have been hit by ransomware this year. 

Cyberattacks on K-12 schools across the U.S. have continued unabated, with both the Fort Sumner Municipal Schools in New Mexico and Washington Local Schools in Ohio suffering from incidents last month.

Just two weeks ago, nearby Somerset County was hit with ransomware, taking down the county’s email systems.