On the morning of February 7th, faculty received an unexpected call notifying them of a school-wide wifi shutdown. Some students expressed feeling momentary panic and uncertainty after class was temporarily interrupted for the mysterious call. Junior Tanya Verma recalls her experience during CA when her teacher, Dr. Zane Curtis Olsen, received the call: “Everyone was super confused, and my teachers were panicking a little … Ms. Fischer told us to immediately shut our Wi-Fi off and power off every single device we had including our computers and our smartphones.” Aside from the temporary joy of possible assignments being delayed due to the wifi outage, students and teachers felt worried and unaware of many things, including the situation itself, and little information was being shared about what was happening at its onset. 

However, the situation began before February 7th. According to Chief Information and Technology Officer Dr. Jonathan King, Riverdale became aware of unauthorized activity on their firewalls two days earlier on Wednesday, February 5th. The technology department quickly determined that an unauthorized user was attempting to access internal Riverdale systems. The next day, the school announced a snow day, and classes were canceled. Dr. King explained that he and the Associate Director of Operational Technology, Mr. Martinez, rebuilt the four firewall systems during that day. Finally, on Friday the 7th, printers stopped working and the school became aware of inappropriate and unauthorized access to school equipment. Dr. King said he, along with Mr. Martinez at the Hill and Ms. Rowley at the River, pulled all the cables out so there was no internet on campus. This was necessary to protect the school’s cybersecurity. That’s why the Wi-Fi was shut down, and Riverdale faculty got the call. 

The unauthorized party that accessed Riverdale’s systems is called ransomware. Ransomware is software that tries to gain entry to systems it is not permitted to have access to. Once ransomware enters the system, it encrypts the system so its owner no longer has access to it. Then, someone behind ransomware declares that the owner has to give the ransomware group money to regain ownership of or to delete the data it stole. Riverdale chose not to pay under the reasoning that you can’t trust a thief to give you back and delete the data once they are paid. 

Fortunately, the tech department has been able to restore all the systems from backups that weren’t compromised. Dr. King described how he and his team spent all weekend working to fix everything disrupted by the perpetrator so students and faculty could come back to school and be able to print. The IT team knows everything the perpetrator took and is responding appropriately to each case. They have identified that ransomware only has access to internal servers, which store very little community-facing data. However, Dr. King notes that some disrupted areas haven’t been fixed yet. 

Ultimately, while components of the way Riverdale responded to the issue worked well, some elements unquestionably could’ve been improved. Dr. King identified that the promptness with which he was notified that there was an issue with the systems was a positive. Also, crediting the Technology Department, Riverdale fortunately had backups for the systems because without the backups, Riverdale would have needed to rebuild everything, including user accounts, passwords, and more. Additionally, Head of Upper School Mr. Mike Velez commented on way the school responded:  “I thought the school responded in a way that relied on the expertise of the people here on campus who knew about the situation and knew how to manage these types of moments, and also through guidance from various kinds of outside groups that were consulting the school on how to manage it overall.” He believed that Riverdale was able to find the “balance between acting swiftly with as much information and guidance as possible.” Mr. Velez also added that the school communicated as much as it could while trying to ensure that they communicated a “fully accurate picture” of the situation. 

Conversely, the student body noted that communication was the main critique for how Riverdale responded to the issue. Mr. Velez commented that “the timeliness of communication and the depth of communication that was provided” could’ve been a negative for some students. Tanya Verma agreed and explained, “in the initial email from the school to the parents, they did not mention the hack…, they did address the hack in later emails, but I feel that the school should have been more transparent, but I know they didn’t want to worry the parents.” 

On a separate note, Dr. King also commented that there is a need for more advanced security software, and the team is working on it right now. Mr. Velez also noted how “moments like this offer the chance to kind of step back and reevaluate systems and structures that are in place for safety and security purposes” and how this could provide the IT team a chance to reflect on cybersecurity measures in place and increase them or research what increasing the safety of our cybersecurity systems would look like. 

The situation overall created an opportunity for Riverdale to reflect on its cybersecurity systems and the procedures set in place for these types of events. To continue this period of reflecting and learning, here are some safety tips from Dr. King. He recommends using a password manager and having long, unique, random passwords for all websites. He stated that the worst thing you can do is use the same password over and over again. He also advises switching from password to passkey and enabling Multi-factor authentication. Taking these steps is a great way to protect your data from organizations like ransomware and similar situations in the future.