2018 audit found vulnerabilities in TUSD computer system | News

/in


TUCSON (KVOA)- A 2018 audit of the Tucson Unified School District found several vulnerabilities in the computer system.

The Arizona Auditor General’s report found the district “lacked adequate computer controls” which increased risk of unauthorized access to computer systems.

The report found TUSD had weak password requirements. Common guidelines for strong passwords recommend that passwords be at least eight characters in length; contain a combination of lowercase and uppercase alphabetic characters, numbers, and symbols if permitted in the system; and be changed periodically. However, the District did not require that network and accounting system passwords meet all these requirements.

According to the audit, the district had inadequate procedures for removing access to network and critical systems, with dozens of user accounts still linked to former employees. The report found, “10 user accounts linked to terminated employees who had the ability to access the district’s network using a Virtual Private Network (VPN).”

Finally, TUSD lacked a contingency plan which could help restore systems in case of a breach. Auditors said, “in fiscal years 2016 and 2017, the district did not have a formal, up-to-date, and tested IT contingency plan even though it maintained critical student and accounting information on its network and systems.”

TUSD did not respond to our request for an interview. This report is five-years old, so we don’t know if these issues have been addressed.

But cyber security expert, Sai Huda, CEO of CyberCatch, says it’s happening everywhere.

“These hackers know these school districts have weak security and therefore they’re able to get in very easily, shut things down, encrypt data and put ransomware in the system,” Huda said.

A letter found in school printers attributes the hack to a ransom ware group called Royal. The letter said data had been encrypted, copied and could be posted online.

Tuesday the district released a statement saying it is working with national cyber security experts and that “The forensic investigation is in its early stages and is ongoing. We appreciate the patience of our community as we take essential steps to…

Source…