NSW Education Department Cyberattack As Term 3 Resumes


Staff Writer

Initially described as scheduled maintenance, a cyberattack on the NSW Department of Education’s IT systems saw student and teacher online portals get deactivated last week.

The cyberattack occurred mid-afternoon on Wednesday, July 7. Teachers preparing for the resumption of term three on Monday could not access email or a range of online learning materials.

Teachers were initially told via email the outage was for a system upgrade.

“To ensure the department is well placed in continuing to support remote teaching and learning, we will be undertaking essential system upgrade activities,” the NSW Department of Education email to teachers read.

“These upgrades may result in some service and access disruptions over the next couple of days. During this time, we encourage you to go to our website for all information and updates.”

However, on Thursday, NSW Education Minister Sarah Mitchell confirmed the cyberattack on social media.

“I’ve been informed the Department of Education has been a victim of a cyber-security attack. As a precaution, all systems have been taken down,” she posted online.

The NSW Department of Education acknowledged the cyberattack on the same day and said several internal systems had been deactivated as a precaution.

The Department has not said whether the cyberattack was a ransomware attack or if the attackers stole any data.

“Our teams have been able to isolate the issues,” NSW Education Secretary Georgina Harrisson said on Thursday. “I am confident we will have the issue resolved soon and want to reassure teachers and parents that there will be no impact on students learning from home next week.”

Over the weekend, Ms Mitchell confirmed systems were coming back online. She said the focus was on restoring emails, Zoom, Microsoft Office and Google classroom in time for Monday’s classes.

The outage threw term three preparations into disarray, occurring hours after the NSW Government confirmed most students would learn from home as term three begins.

Cybersecurity experts say government departments are particularly vulnerable to cyberattacks. Such Departments hold large amounts of personal data. For the Department of Education, that vulnerability rises as remote learning and home-schooling increase.

“The increased reliance on e-learning has made schools in Australia and many other countries an even bigger target of opportunity than before,” says Simon Howe, LogRhythm’s Vice President Asia-Pacific Sales. “If the technology is taken down, lessons come to a complete standstill. This will likely not be the last attack targeting schools.”

LogRhythm says the rise of e-learning is creating new security challenges as the attack surface is increased. Teachers and students may also be more likely to engage in risky user behaviours outside of the familiar school environment.

While Ms Harrisson has moved to reassure teachers and parents that it will be business as usual on Monday morning., she says learning materials are being posted on the department’s public website as a backup plan for home-schooling.

Meanwhile, NSW’s top education mandarin says Cyber Security NSW is involved in resolving the outage. Investigations by NSW Police and federal agencies are also underway.