HUMBLE, Texas – The Humble Independent School District is back online after experiencing a cyber attack during the first day of virtual learning Tuesday.
Humble ISD Superintendent Liz Celania-Fagan took to Twitter to inform everyone of the virtual attack while urging other students already online to stay on.
“We are working to resolve now,” Celania-Fagan said. “Students who haven’t already logged on to their student gmail accounts cannot log in to student email accounts until it is resolved.”
The My Humble server is experiencing a cyber attack. We are working to resolve now. Zoom, teacher websites, etc. work fine. Students who haven’t already logged on to their student gmail accounts cannot login to student email accounts until it is resolved. Students who have stay.— Liz Celania-Fagen (@ElizabethFagen) August 11, 2020
The superintendent later tweeted that the My Humble server was experiencing a cyber-attack called “denial of service” and said the district’s extra security for students requires them to go through My Humble.
The My Humble server is currently experiencing a cyber attack called denial of service. We are working to isolate and resolve. Zoom, websites, adult emails etc. all working fine. Our extra security for students requires them to go through My Humble. @HumbleISD If on, stay on. 🙂— Liz Celania-Fagen (@ElizabethFagen) August 11, 2020
Nearly 30 minutes later, Celania-Fagan said the service was back up for students who hadn’t logged in to log in.
A denial-of-service attack aims to shut down a computer or network by flooding the system with traffic or sending a signal that causes a crash.
Experts: denial of service attacks are common
While Tuesday’s hiccup caused a brief scare, cybersecurity experts said parents should not be worried.
“This is nothing worth panicking over,” said Dr. Chris Bronk, assistant professor of computer and information systems and associate director of the Center for Information Security Research and Education at the University of Houston’s College of Technology.
Bronk said denial of service cyber-attacks are common. In understanding how they work, he said to think of a full mailbox that continues to get stuffed with mail. At some point, the mailbox reaches full capacity and no other mail can fit. That’s what happened to the server in question Tuesday morning, he said. In the analogy, the mailbox is the server and the mail represents the requests trying to gain access.
“As the requests become too many, the server doesn’t have the capacity to determine what’s bogus and what’s real and it just fails,” Bronk said.
He did not suspect the issue was too many students trying to get in at once, but rather than a type of cyber attack.
“That’s an interesting question. I assume the IT people within the district know the difference between the two,” he said.
Bottom line — they happen.
“It’s just noise. Just noise into the system and the system has to cope with it,” said Nick Hampson, head of security engineering for Check Point Software’s Southern United States division. The cybersecurity company tracks attacks similar to this. Hampson said while common, tracking the source of a denial of service attack is tough.
“The school districts, unfortunately, smaller local municipalities are the low hanging fruit for either ransomware or cyberattacks,” Hampson said.
Humble ISD: we continue to update cybersecurity
In a statement Tuesday, a spokesperson for Humble ISD said, “a senior security expert has investigated and evidence shows a Denial of Service cyberattack.”
The statement continued, “We are continuing to update cyber security to protect the network.”