Janesville School District's network suffers ransomware cyberattack

Oct. 25—JANESVILLE — The Janesville School District said Monday it was the victim of a ransomware attack that locked district servers and network resources, including Wi-Fi access and printing services at all Janesville schools, according to a message posted on the district's website.

The district information technology team noticed irregularities in the district's network and found what appeared to be ransomware code in its servers, according to the message, which pops up when first accessing the district's site.

The IT team contacted the state of Wisconsin's Division of Enterprise Technology Cyber Response Team, the FBI and the U.S. Department of Homeland Security, which are investigating the issue.

Dr. Robert Smiley, chief information officer for the district, said district employees are following the cyber response team's lead in the investigation.

He said the first priority is to reestablish internet access for students and staff because all district schools access many learning resources via the internet.

No data had been accessed or destroyed, according to the message, but the ransomware had locked students, staff members and families out of various district systems and programs such as Infinite Campus, Classlink, and web-based textbooks and other resources.

"We did notify staff last night once we became aware of what was happening, or what we believed to be happening, and tried to get as many of them as prepared as possible to essentially teach in the traditional manner today," said Patrick Gasper, public information officer for the district.

Telephones, security cameras and paging systems within the schools have not been affected, and systems such as Google mail and Google Classroom were still accessible via cellular data or through non-district Wi-Fi, according to the message at the district website.

Smiley appreciated the community's patience and assured students and families that the incident is not a result of a lack of security.

"Ransomware is happening to the best companies and school districts around the globe," he said.

The investigation is currently in the discovery phase, and Smiley said the district is not able to project when repairs will be completed. The district said in its message on its website that it had not received a "ransom note indicating any demands."

"Obviously, it's impacting learning," Smiley said. "It becomes a priority to get back up and running, and internet access will be the first thing that we'll work on reestablishing."

The message said the district's IT team is still working to address the situation, and the district said it will provide updates as the situation changes.