As is so often the case, a program with the best of intentions can lead to disastrous results. This week’s installment of good deeds gone awry is a forward-thinking classroom computer program meant to instigate further learning that instead has caused a massive headache for one school district’s IT department.
In November, the computer network for the Lake Washington School District in the northwestern part of the U.S. state of Washington was infected by a bug known as the Goblin virus, a particularly virulent malware spread over the internet that targets larger networks.
These types of cyberattacks are unfortunately nothing new, as the Privacy Rights Clearinghouse reported that more than 2.6 million records have been exposed since 2010 as a result of 80 hacks and malware attacks targeting educational institutions.
However, what makes this computer virus infection particularly noteworthy is the number of devices that have been infected: more than 25,000. The reason the malware could disrupt so many computers is because the school district in September implemented a new pilot program to give a computer to every middle and high school student at 50 locations in the district.
Could a major software manufacturer have thwarted the disaster?
According to the Lake Washington School District, the initiative was supposed to encourage greater learning by empowering youth with the tools to conduct their own research and develop better tech-related skills. Instead the school district now has a massive clean-up job on its hands. GeekWire reported that although teachers have kept class going during the month-long ordeal, the issue exposes faults with the company the district partnered with to secure all of the computers: Microsoft.
Microsoft, which has its company headquarters located in the district, has since 2009 been partnering with school officials to develop identity-based classroom management software meant to provide enough layered security to allow students to safely access schedules and grades, CNET reported.
Despite all of the resources that Microsoft put into the security system, bad end user habits may be what did in the system so quickly after it was implemented. The KOMO News Network reported that bad home computer habits likely caused the Goblin virus to infect all of the computers. Staff are now installing firewalls and anti-virus software on all of the devices affected by the bug.
The issue has been difficult to fully rectify not just because of the sheer number of infected devices, but also because of the severity of the cyberattack. GeekWire reported that because the virus was able to get onto the network through an executable file, it is particularly difficult to remove from the computers.
“We know we were in for a long haul when one of our parents who works at Microsoft told us that the virus was ‘an extremely sophisticated one,’ when he heard the name of the virus,” said district spokeswoman Kathryn Reith, according to the online news source.
According to GeekWire, the incident underscores the importance of proper training and implementing the best online and offline security as possible. While the trend of providing one internet-enabled device for every enrolled student is likely to continue in the education sector, Lake Washington’s experience shows how districts cannot rely on just one solution and need a more robust plan that uses a variety of security measures.
Do you think application control would have been a more effective strategy for blocking the Goblin virus from infecting the district’s computer system? Would the network have been safer if the students had Macs instead of PCs? Should this incident scare other schools away from a 1:1 classroom computer initiative?