ALBUQUERQUE: For teachers at a middle school in New Mexico’s largest city, the first inkling of a widespread tech problem came during an early morning staff call.
On the video, there were shout-outs for a new custodian for his hard work, and the typical announcements from administrators and the union rep. But in the chat, there were hints of a looming crisis. Nobody could open attendance records, and everyone was locked out of class rosters and grades.
Albuquerque administrators later confirmed the outage that blocked access to the district’s student database — which also includes emergency contacts and lists of which adults are authorized to pick up which children — was due to a ransomware attack.
“I didn’t realize how important it was until I couldn’t use it,” said Sarah Hager, a Cleveland Middle School art teacher.
Cyberattacks like the one that canceled classes for two days in Albuquerque’s biggest school district have become a growing threat to US schools, with several high-profile incidents reported since last year. And the coronavirus pandemic has compounded their effects: More money has been demanded, and more schools have had to shut down as they scramble to recover data or even manually wipe all laptops.
“Pretty much any way that you cut it, incidents have both been growing more frequent and more significant,” said Doug Levin, director of the K12 Security Information Exchange, a Virginia-based nonprofit that helps schools defend against cybersecurity risk.
Precize data is hard to come by since most schools are not required to publicly report cyberattacks. But experts say public school systems — which often have limited budgets for cybersecurity expertise — have become an inviting target for ransomware gangs.
The pandemic also has forced schools to turn increasingly toward virtual learning, making them more dependent on technology and more vulnerable to cyber-extortion. School systems that have had instruction disrupted include those in Baltimore County and Miami-Dade County, along with districts in New Jersey, Wisconsin and elsewhere.
Levin’s group has tracked well over 1,200 cybersecurity incidents since 2016 at public school districts across the country. They included 209 ransomware attacks, when hackers lock data up and charge to unlock it; 53 “denial of service” attacks, where attackers sabotage or slow a network by faking server requests; 156 “Zoombombing” incidents, where an unauthorized person intrudes on a video call; and more than 110 phishing attacks, where a deceptive message tricks a user to let a hacker into their network.
Recent attacks also come as schools grapple with multiple other challenges related to the pandemic. Teachers get sick, and there aren’t substitutes to cover them. Where there are strict virus testing protocols, there aren’t always tests or people to give them.
In New York City, an attack this month on third-party software vendor Illuminate Education didn’t result in canceled classes, but teachers across the city couldn’t access grades. Local media reported the outage added to stress for educators already juggling instruction with enforcing COVID-19 protocols and covering for colleagues who were sick or in quarantine.
Albuquerque Superintendent Scott Elder said getting all students and staff online during the pandemic created additional avenues for hackers to access the district’s system. He cited that as a factor in the Jan. 12 ransomware attack that canceled classes for some 75,000 students.
The cancelations — which Elder called “cyber snow days” — gave technicians a five-day window to reset the databases over a holiday weekend.
Elder said there’s no evidence student information was obtained by hackers. He declined to say whether the district paid a ransom but noted there would be a “public process” if it did.
Hager, the art teacher, said the cyberattack increased stress on campus in ways that parents didn’t see.
Fire drills were canceled because fire alarms didn’t work. Intercoms stopped working.
Nurses couldn’t find which kids were where as positive test results came in, Hager said. “So potentially there were students on campus that probably were sick.” It also appears the hack permanently wiped out a few days worth of attendance records and grades.
Edupoint, the vendor for Albuquerque’s student information database, called Synergy, declined to comment.
Many schools choose to keep attacks under wraps or release minimal information to prevent revealing additional weaknesses in their security systems.
“It’s very difficult for the school districts to learn from each other, because they’re really not supposed to talk to each other about it because you might share vulnerabilities,” Elder said.
Last year, the FBI issued a warning about a group called PYSA, or “Protect Your System, Amigo,” saying it was seeing an increase in attacks by the group on schools, colleges and seminaries. Other ransomware gangs include Conti, which last year demanded $40 million from Broward County Public Schools, one of the nation’s largest.
Most are Russian-speaking groups that are based in Eastern Europe and enjoy safe harbor from tolerant governments. Some will post files on the dark web, including highly sensitive information, if they don’t get paid.
While attacks on larger districts garner more headlines, ransomware gangs tended to target smaller school districts in 2021 than in 2020, according to Brett Callow, a threat analyst at the firm Emsisoft. He said that could indicate bigger districts are increasing their spending on cybersecurity while smaller districts, which have less money, remain more vulnerable.
A few days after Christmas, the 1,285-student district of Truth or Consequences, south of Albuquerque, also had its Synergy student information system shut down by a ransomware attack. Officials there compared it to having their house robbed.
“It’s just that feeling of helplessness, of confusion as to why somebody would do something like this because at the end of the day, it’s taking away from our kids. And to me that’s just a disgusting way to try to, to get money,” Superintendent Channell Segura said.
The school didn’t have to cancel classes because the attack happened on break, but the network remains down, including keyless entry locks on school building doors. Teachers are still carrying around the physical keys they had to track down at the start of the year, Segura said.
In October, President Joe Biden signed the K-12 Cybersecurity Act, which calls for the federal cybersecurity agency to make recommendations about how to help school systems better protect themselves.
New Mexico lawmakers have been slow to expand Internet usage in the state, let alone support schools on cybersecurity. Last week, state representatives introduced a bill that would allocate $45 million to the state education department to build a cybersecurity program by 2027.
Ideas on how to prevent future hacks and recover from existing ones usually require more work from teachers.
In the days following the Albuquerque attack, parents argued on Facebook over why schools couldn’t simply switch to pen and paper for things like attendance and grades.
Hager said she even heard the criticism from her mother, a retired school teacher.
“I said, ‘Mom, you can only take attendance on paper if you have printed out your roster to begin with,’” Hager said.
Teachers could also keep duplicate paper copies of all records — but that would double the clerical work that already bogs them down.
In an era where administrators increasingly require teachers to record everything digitally, Hager says, “these systems should work.”
Cyberattacks increasingly hobble pandemic-weary US schools
https://arab.news/nghzb
Cyberattacks increasingly hobble pandemic-weary US schools
- Cyberattacks like the one that canceled classes for two days in Albuquerque’s biggest school district have become a growing threat to US schools
More than 100 inmates make deadly prison break in Chad
A local Mongo official said prisoners broke into a manager’s office to steal guns
MONGO, Chad: More than 100 inmates escaped a Chad prison during a shoot-out that left three people dead, and wounded a state governor visiting the facility, officials told AFP on Saturday.
The break-out occurred late Friday when an uprising happened in the high-security penitentiary five kilometers (three miles) from the town of Mongo, in the center of the country.
“There are around 100 who escaped, three dead and three wounded,” Hassan Souleymane Adam, secretary general of the Guera province in which Mongo is located, said.
A local Mongo official, speaking to AFP on condition of anonymity, said prisoners broke into a manager’s office to steal guns.
“A shootout with guards ensued, at the same time the governor arrived. He was wounded,” he said.
The Mongo official confirmed there were three dead, and put the total number of escaped prisoners at 132.
He said the prisoners revolted after complaining about a lack of food.
Chad’s Justice Minister Youssouf Tom told AFP by telephone that he was about to fly to region and would be able to give “precise information once I am at Mongo in the coming hours.”
Russian President Vladimir Putin announces an Easter ceasefire in Ukraine
- Ceasefire will last from 6 p.m. Moscow time on Saturday to midnight following Easter Sunday
MOSCOW: Russian President Vladimir Putin on Saturday announced an Easter truce in the conflict in Ukraine starting this evening and lasting till midnight on Sunday.
The short-term ceasefire proposal from Russia comes as President Donald Trump has been pressing both Moscow and Kyiv to agree a truce, but has failed to extract any major concessions from the Kremlin.
“Today from 1800 (1500 GMT) to midnight Sunday (2100 GMT Sunday), the Russian side announces an Easter truce,” Putin said in televised comments, while meeting Russian chief of staff Valery Gerasimov.
Easter, a major holiday for Christians, is celebrated on Sunday.
“I order for this period to stop all military action,” Putin said, calling the truce “based on humanitarian reasons.”
“We are going on the basis that the Ukrainian side will follow our example, while our troops must be ready to resist possible breaches of the truce and provocations by the enemy, any aggressive actions,” Putin said.
He said that Gerasimov had told him Ukraine “more than 100 times... breached an agreement on not striking energy infrastructure.”
Russia on Friday abandoned a moratorium on striking Ukrainian energy targets after each side accused the other of breaking a supposed deal without any formal agreement put in place.
The latest truce proposal will show “how sincere is the Kyiv’s regime’s readiness, its desire and ability to observe agreements and participate in a process of peace talks,” Putin said.
Previous attempts at holding ceasefires for Easter in April 2022 and Orthodox Christmas in January 2023 were not implemented after both sides failed to agree on them.
Cambodia welcomes Japanese navy ships to naval base that US suspects is for China’s special use
- Tokyo has developed increasingly close ties with Cambodia in recent years
- China and Cambodia have close political, military, and economic ties
PHNOM PENH, Cambodia: Two Japanese naval ships docked Saturday at Cambodia’s Ream Naval Base, whose recently completed Chinese-funded upgrade has heightened US concerns that it will be used as a strategic outpost for China’s navy in the Gulf of Thailand.
The visit by the two minesweepers, the 141-meter (463-foot) -long Bungo and the 67-meter (219-foot) -long Etajima, part of the Japanese Maritime Self Defense Force, marks the first foreign navy visit since the base’s expansion project was completed earlier this month.
Tokyo has developed increasingly close ties with Cambodia in recent years, seeking to offset China’s influence in the region, and Cambodia invited it to make the renovated port’s first port call, widely seen as an attempt to allay Washington’s concerns.
Both Japanese ships, making a four-day port call with a total of 170 sailors, docked at the base’s new pier, where Cambodian officials, including Rear Adm. Mean Savoeun, deputy commander of the base, held a welcome ceremony.
Concerns about China’s activities at the Ream base emerged in 2019 following a Wall Street Journal report alleging a draft agreement that would grant China 30-year use of the base for military personnel, weapon storage, and warship berthing. The US government has publicly and repeatedly aired its concerns.
China and Cambodia have close political, military, and economic ties. They commenced the port project in 2022, which included the demolition of previous naval structures built by the US at the base.
Cambodia has stated that warships from all friendly countries are welcome to dock at the new pier, provided they meet certain conditions. When Japanese Defense Minister Gen. Nakatani announced the planned visit on Tuesday, he said Japan’s port call symbolizes friendship with Cambodia and is key to regional stability and peace.
He stated that the visit would help ensure Cambodia has an open and transparent naval port, while noting the concerns over China’s growing efforts to secure overseas outposts for military expansion.
The port call came just one day after Chinese President Xi Jinping concluded a two-day state visit to Cambodia aimed at further strengthening China’s strong ties with its closest ally in Southeast Asia.
A statement on Saturday from Japan’s embassy in Cambodia stated that the two vessels are on a mission that began in January to visit 11 countries across Africa, the Middle East, South and Southeast Asia. The port call in Cambodia is considered a “historically significant event for Japan-Cambodia relations,” it said.
The embassy emphasized that the journey of the Japanese vessels “underlines the importance of freedom of navigation, free and open international order based on international law, and its development.”
In December last year, a US Navy warship called at the nearby civilian port of Sihanoukville on a five-day visit. The visit by the USS Savannah, carrying a crew of 103, was the first in eight years by a US military vessel to Cambodia.
A US citizen was held for pickup by ICE even after proving he was born in the country
- It is unclear if Lopez Gomez showed documents proving he is a citizen to the arresting officers
- Court records show Judge Lashawn Riggans found no basis for the charge
MIAMI, USA: A US citizen was arrested in Florida for allegedly being in the country illegally and held for pickup by immigration authorities even after his mother showed a judge her son’s birth certificate and the judge dismissed charges.
Juan Carlos Lopez Gomez, 20, was in a car that was stopped just past the Georgia state line by the Florida Highway Patrol on Wednesday, said Thomas Kennedy, a spokesperson at the Florida Immigrant Coalition.
Gomez and others in the car were arrested under a new Florida law, which is on hold, making it a crime for people who are in the country illegally to enter the state.
It is unclear if Lopez Gomez showed documents proving he is a citizen to the arresting officers. He was held at Leon County Jail and released after his case received widespread media coverage.
The charge of illegal entry into Florida was dropped Thursday after his mother showed the judge his state identification card, birth certificate and Social Security card, said Kennedy, who attended the hearing.
Court records show Judge Lashawn Riggans found no basis for the charge.
Lopez Gomez briefly remained in custody after US Immigration and Customs Enforcement requested he remain there for 48 hours, a common practice when the agency wants to take custody of someone. ICE did not respond to a request for comment.
The case drew widespread attention because ICE is not supposed to take custody of US-born citizens. While the immigration agency can occasionally get involved in cases of naturalized citizens who committed offenses such as lying on immigration forms, it has no authority over people born in the US
Adding to the confusion is a federal judge’s ruling to put a hold on enforcement of the Florida law against people who are in the country illegally entering the state, which meant it should not have been enforced.
“No one should be arrested under that law, let alone a US citizen,” said Alana Greer, an immigration attorney from the Florida Immigrant Coalition. “They saw this person, he didn’t speak English particularly well, and so they arrested him and charged him with this law that no one (should) be charged with.”
Money, power, violence in high-stakes Philippine elections
- The country’s elections commission, Comelec, recorded 46 acts of political violence
- Comelec said “fewer than 20” candidates have been killed so far this campaign season, which it notes is a drop
MANILA: Philippines election hopefuls like mayoral candidate Kerwin Espinosa have to ask themselves whether the job is worth taking a bullet.
The country’s elections commission, Comelec, recorded 46 acts of political violence between January 12 and April 11, including the shooting of Espinosa.
At a rally this month, someone from the crowd fired a bullet that went through his chest and exited his arm, leaving him bleeding but alive.
Others have been less lucky.
A city council hopeful, a polling officer and a village chief were among those killed in similar attacks in the run-up to mid-term elections on May 12.
Comelec said “fewer than 20” candidates have been killed so far this campaign season, which it notes is a drop.
“This is much lower, very low compared to the past,” commission spokesperson John Rex Laudiangco told AFP, citing a tally of about 100 deaths in the last general election.
Analysts warned that such violence will likely remain a fixture of the Philippines’ political landscape.
The immense influence of the posts is seen as something worth killing for.
Holding municipal office means control over jobs, police departments and disbursements of national tax funds, said Danilo Reyes, an associate professor at the University of the Philippines’ political science department.
“Local chief executives have discretion when it comes to how to allocate the funding, which projects, priorities,” he said.
Rule of law that becomes weaker the farther one gets from Manila also means that regional powerbrokers can act with effective impunity, said Cleve Arguelles, CEO of Manila-based WR Numero Research.
“Local political elites have their own kingdoms, armed groups and... patronage networks,” he said, noting violence is typically highest in the archipelago nation’s far north and south.
“The stakes are usually high in a local area where only one family is dominant or where there is involvement of private armed groups,” Arguelles said.
“If you lose control of... city hall, you don’t just lose popular support. You actually lose both economic and political power.”
In the absence of strong institutions to mediate disagreements, Reyes said, “confrontational violence” becomes the go-to.
Espinosa was waiting for his turn to speak at a campaign stop in central Leyte province on April 10 when a shooter emerged from the crowd and fired from about 50 meters (164 feet) away, according to police.
Police Brig. Gen. Jean Fajardo told reporters this week that seven police officers were “being investigated” as suspects.
Convictions, however, are hard to come by.
While Comelec’s Laudiangco insisted recent election-related shootings were all making their way through regional court systems, he could provide no numbers.
Data compiled by the Armed Conflict Location and Event Data project show that in 79 percent of violent acts targeting local government members between 2018 and 2022 the perpetrators were never identified.
National-level politicians, meanwhile, reliant on local political bases to deliver votes, have little incentive to press for serious investigations, said Reyes.
“The only way you can ensure national leaders win positions is for local allies to deliver votes,” he said.
“There are convictions but very rarely, and it depends on the potential political fallout on the national leaders as well as the local leaders.”
It’s part of the “grand bargain” in Philippine politics, Arguelles said.
Local elites are “tolerated by the national government so long as during election day they can also deliver votes when they’re needed.”
Three days after Espinosa’s shooting, a district board candidate and his driver were rushed to hospital after someone opened fire on them in the autonomous area of Mindanao.
Election-season violence has long plagued the Bangsamoro Autonomous Region in Muslim Mindanao, known as the BARMM.
Comelec assumed “direct control” over the municipalities of Buluan and Datu Odin Sinsuat after municipal election officer Bai Maceda Lidasan Abo and her husband were shot dead last month.
Since last year, Comelec has held the power to directly control and supervise not only local election officials but also law enforcement.
Top police officials in the two municipalities were removed for “gross negligence and incompetence” after allegedly ignoring requests to provide security details for the slain Comelec official.
Their suspensions, however, will last only from “campaigning up to... the swearing-in of the winners,” Comelec’s Laudiangco said.
The commission’s actions were part of a “tried and tested security plan” that is showing real results, he said.
But he conceded that the interwoven nature of family, power and politics in the provinces would continue to create a combustible brew.
“You have a lot of closely related people in one given jurisdiction... That ensures polarization. It becomes personal between neighbors.
“We all know Filipinos are clannish, that’s our culture. But we’re improving slowly.”
