Peel District School Board struggles with fallout from malware attack, leaving parents, teachers in the dark

The Peel District School Board is still unable to say when several of its key online resources will be back on track after they were hit by a malware attack that continues to paralyze a string of databases.

Last week, the board told staff in an email that the malware “resulted in the encryption of certain PDSB files and systems,” and that after it was discovered, the board “took immediate steps to isolate the incident.”

The risk posed by unknown hackers is creating unease among the unions representing elementary and secondary school teachers, who claim they have been kept in the dark and have received just the most sparing details about the type and scope of the attack more than a week after the board first admitted it was facing a “cyber security incident.”

Speaking to the Star Thursday, board spokesperson Tiffany Gooch said a cybersecurity firm hired by the board has made significant progress in both the investigation and recovery efforts, but couldn’t say exactly when the systems would be back to normal.

“We hope to be able to provide a resolution timeline in the next few days,” said Gooch.

“We can confirm that the incident involved encryption malware.”

Gooch wouldn’t say if the hackers have attempted to extort the board by seeking payment to unlock the seized data portals, but she did say there is “no evidence that any personally identifiable or otherwise sensitive data was compromised because of the attack.”

Gooch was unable to say how the incident occurred and who might be responsible. These are things she says she hopes the continuing probe will reveal.

Of equal concern to the union is that the board faces this logistic hurdle in the days leading up to students’ anticipated return to the classroom for in-person learning the week of Feb. 16.

Representatives from both unions say the board has provided links for back-channel access, so some tasks can be completed.

The board remains partially locked out of the intranet used by staff because some functions cannot be accessed.

She said the malware has not affected virtual classrooms, but it did wipe out the website and with it applications accessed by families.

As a result, the board extended deadlines for Grade 1 French…


Legal recourse? Nissan balances competitive and security fallout from source code leak

News that source code of Nissan North America tools leaked online because of a misconfigured Git server spurs questions not only about potential cyberattacks by bad actors, but also whether competitors could use the sensitive data against the automobile giant.

Nissan offerings associated with the leaked source code ran the gamut from Nissan North America mobile apps and Nissan’s internal core mobile library to some parts of the Nissan ASIST diagnostic tool and sales and marketing research tools and data. The Git server has since been taken offline, after data began to get shared on Telegram and hacking forums.

Based on discussions with intellectual property lawyers, Nissan may have some recourse in terms of filing injunctions and suing for damages under copyright, trade secrets and patent laws. To do so, the auto maker will have to expend a great deal of resources to track violators down and bring them to court. This assumes that the violators are in the United States and the company could take action under U.S. law.

Thomas Moga, a senior counsel and intellectual property attorney at Dykema, which has many automotive clients, said that according to the U.S. Copyright Office, laws protect original works of authorship “fixed in a tangible medium of expression.” Moga added that under that definition, source code can qualify for protection under the copyright laws.

“So it appears that Nissan owns a copyright in the source code and that it may well be in a position to bring an action against unauthorized users of its source code,” Moga said. “But it’s up to Nissan to pursue those actions; I think we can expect them to be very aggressive, as they should be.”

Jennifer DeTrani, general counsel and executive vice president of Nisos, added that Nissan could potentially file lawsuits as part of a legal strategy to repair the reputational damage from the leak, showing the public they are serious about protecting their vehicles. But legal remedies would not yield much.

“Collecting damages under copyright law assumes that there’s somebody with deep pockets to sue who would pay,” DeTrani said. “Any competent lawyer could get the…


Concern mounts over government cyber agency’s struggle to respond to hack fallout

With Microsoft acknowledging for the first time this past week that suspected Russian hackers behind a massive government security breach also gained access to its source code, pressure is mounting on US officials and cybersecurity experts to explain how the attackers infiltrated various US computer networks, what they did once inside and the steps that are being taken to mitigate the damage.

As US officials struggle with the fallout, questions are swirling about whether the agency tasked with protecting the nation from cyberattacks is up to the job.

On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) signaled it’s still working to patch the known vulnerabilities, advising agencies to update their software from SolarWinds, a private contractor attackers exploited to gain access into potentially thousands of public and private sector organizations.

Congressional Democrats and the Biden transition team are demanding more information about the massive hacking campaign, calling on the Trump administration to address concerns about its handling of the fallout and perceived lack of transparency in the weeks since the data breach was first discovered.

The Biden team in particular has stated that it’s been stonewalled by Trump officials in its effort to learn more about key national security issues, including the hack.

Trump administration officials say those accusations are exaggerated but have also acknowledged they are wary of any transition activity that could provide the Biden team a head start in dismantling the President’s priorities.

To date, the White House has offered few public details about what is believed to be the most significant cyber operation targeting the US in years. The lack of…


The fallout from SolarWinds hack will get worse before it gets better

  • US government agencies and private organizations have been the targets of a cyberattack that was only just uncovered this month.
  • A group of hackers believed to be associated with the Russian intelligence agency SVR infiltrated a SolarWinds software update earlier this year.
  • This is a huge problem for two major reasons: The attackers were able to gain access for a long period of time without being detected, and it will also take a long time for security experts to determine the extent of what’s been compromised.
  • “Fragments of attacks can sit dormant for months, and years, and only revive when the author wants them to begin their job,” cybersecurity expert Sean Harris told Business Insider. “Stealth is the most worrisome aspect of these ‘attacks.’”

For months, US government agencies and private organizations have been the targets of what’s being called the most widespread cyberattack ever, and one that went largely undetected until this month. At the center of the attack is a company most people have never heard of called SolarWinds, which provides IT infrastructure management tools to hundreds of thousands of customers including government agencies, corporations, and nonprofit organizations. 

A SolarWinds software update earlier this year was infiltrated by a group of hackers believed to be associated with the Russian intelligence agency SVR, in what is known as a supply chain attack. As a result, the hackers’ malware was able to infect the networks of many, if not all of, SolarWinds’ customers as they updated their SolarWinds Orion software.

“The number of organizations that downloaded the corrupted update could be as many as 18,000, which includes most federal government unclassified networks and more than 425 Fortune 500 companies,” Tom Bossert, former Homeland Security Advisor, said in an op-ed in the New York Times on Thursday.

Not only is this attack extraordinary in its scope, it’s devastating in its impact — largely because of two things. First, the attackers were able to gain covert access for a long period of time without being detected. And second, it will be even…