CRIMINALS have targeted Newcastle Grammar School (NGS) in a ransomware cyber attack, encrypting and destroying parts of the school's network and trying to extort money to unlock it.
Head of School Erica Thomas said NGS became aware of the attack on Saturday morning and reported it to local police, the Australian Cyber Security Centre and its insurer.
"The criminals encrypted and destroyed parts of our network and asked for money to unlock it," Ms Thomas said.
"We brought in specialists immediately when we became aware and are still using these experts to help us."
She said these included information technology specialists and separate forensic information technology specialists that are currently working remotely with the school.
"This is a key issue of the time we are living in," Ms Thomas said.
"Attacks like this, we're reading about more frequently across the world and also here in Australia.
"It's very hard to prepare for them when they happen but [important] to understand the risks and how disruptive it is."
She said NGS did a cyber security review three months ago.
"We have many protections on our system, yet they still managed to get in."
An international criminal group is believed to be behind the attack, which has impacted access to the school's servers and online resources.
The school only had access to email restored on Tuesday.
Year seven to 10 students were due to start exams on Monday, but studied from home for the day. The exams were postponed to Tuesday.
"Our teachers have been amazing, once again," she said.
"They have been working with our students to basically keep them calm.
"Year seven to 10 did online exams in the middle of the year because of COVID and now they're faced with this."
Ms Thomas said she couldn't rule out a data breach and the school had communicated with families about this possibility.
"We have reporting obligations should we find a data breach and we are keeping our parents informed and our staff," she said.
"At this point we don't know if anything has been stolen and if so, what."
An Australian Cyber Security Centre (ACSC) spokesperson said it was "aware of a cyber security incident" involving the school.
The ACSC said in its latest Annual Cyber Threat Report that while fraud is the most common category of cybercrime, ransomware is the "highest threat".
The Australian Cyber Security Centre said this assessment is "based on the fact that ransomware requires minimal technical expertise, is low cost and can result in significant impact to an organisation, potentially crippling core business functions".
It issued a publication last month saying "all sectors and individuals with information of value are potential targets for cybercriminals seeking opportunities for financial gain".
Ms Thomas said the attack was "still an evolving situation".
"But we know other organisations have been through something similar and the specialist teams in this area are experienced in supporting organisations like us."
She said the specialists had advised her the school was in the first of three phases to manage the attack but it was unclear how long it would take to resolve.
"We have an idea [how it happened] but we're not 100 per cent sure at this stage and that's part of what we've got to reconstruct," she said.
"There's an IT plan and that has to try to restore things, then there's a plan around the data, so that's where it then moves to.
"Then you've got further things to really look at and that's how did it really occur and what can we do to protect ourselves in the future."
Ms Thomas said the attack had been "highly disruptive at the end of a difficult year" and "yet another challenge".
Teachers can't access resources, she said, and she can't open folders on her computer.
"2020 has taught us to be very resilient, it's taught us to meet challenges head on and it's taught us that the unexpected can happen," she said.
"We are hoping 2021 will be a more straight forward year."
Ms Thomas thanked families for their support.
"They are very understanding that we are doing everything possible to protect their data but also to help their children."
While you're with us, did you know the Newcastle Herald offers breaking news alerts, daily email newsletters and more? Keep up to date with all the local news - sign up here
IN THE NEWS:
- Strike Force Roche: Killingworth woman charged with $10,000 bushfire relief grant fraud
- Knights favourite son Sione Mata'utia signs with English Super League powerhouse St Helens
- Not guilty plea over Boxing Day murder
- University of Newcastle payroll review into casual staff and supervisors finds $6 million in errors between 2014 and 2020
- Federal police lay 577 charges after Central Coast case uncovers network of child abuse