building automation

School District Recovering from Cyberattack

  December 15, 2020

By Dan Hounsell

Institutional and commercial facilities nationwide increasingly rely on digital technology for a range of applications. Building automation systems and computerized maintenance management systems are two of the most common applications that facility managers have embraced in the last few decades. Along with the potential benefits of this technology, managers also must pay close attention to data security and the threat of cyberattacks, as one large school district is learning the hard way.

Experts say cyberattacks on public school systems are on the rise around the country, just days after the Baltimore County attack, schools in Huntsville, Ala., also were shut down by a ransomware incident.

In the last six years, state audits routinely have identified cybersecurity vulnerabilities in most of Maryland’s 24 school systems, according to The Baltimore Sun. School systems in Maryland are generally reviewed by the Office of Legislative Audits once every six years. Among the findings, auditors found in 2018 that Baltimore City public schools had stored sensitive, personally identifiable information without adequate safeguards, and the network’s intrusion prevention system had substantial gaps. A city schools spokesman said this week that the district had addressed the issues identified in the audit.

In 2019, auditors identified 32 publicly accessible servers for Anne Arundel schools improperly located within the internal network, with no buffer to prevent hackers from accessing the entire system. Mosier said problems identified in the audit have since been rectified.

Dan Hounsell is editor of Facility Maintenance Decisions.


Read next on FacilitiesNet