小蓝视频

Skip to content

Holy Family beefs up computer network security

The computer network for the Holy Family Roman Catholic Separate School Division has been beefed up with up-to-date cyber-security, following an attack by hackers last fall on school board trustees and the school division employees.

The computer network for the Holy Family Roman Catholic Separate School Division has been beefed up with up-to-date cyber-security, following an attack by hackers last fall on school board trustees and the school division employees.

The trustees heard a report earlier this month on a network vulnerability assessment carried out on the computers used by Holy Family employees and board members, and what measures have been taken to strengthen the system and make it safe.

鈥淓ducation is currently under fire in this area, which came as a surprise to me,鈥 said Chad Fingler, superintendent of school operations for Holy Family.

He pointed out that hackers were apparently looking for any personal information they could possibly get, such as social insurance numbers or health care numbers, which could then be sold to the black market.

Hackers use such methods as Trojans or ransomware to extract information, he said, explaining that Trojans are programs within programs that give a hacker the ability to lock down an organization. Ransomware has been used to lock up an organization鈥檚 data until a ransom is paid, usually by bitcoins.

Holy Family asked IBM to come in and do a network vulnerability assessment, and they compiled a list of the issues in Holy Family systems that were fixed, said Fingler. The school division also arranged to have them come and educate their staff on what they should and should not do with their emails and Internet use, as well as to keep on top of the trends of what hackers are going after.

Kyle Hambly, a computer-network support technologist for Holy Family, explained that a 鈥減hishing鈥 attack occurred on Holy Family in the fall of 2017 to the email accounts of a number of staff and board members.

As Hambly explained, there are numerous types of phishing, and the type used in this case was emails disguised as coming from Holy Family or from the Saskatchewan School Boards Association (SSBA), with the goal to gain access to a computer or a program or its network. He was able to catch a 鈥減hisher鈥 and found that the hacker was sending e-mails using a Holy Family address.

鈥淲e decided to go with IBM, since they built our infrastructure initially. They are an international company with a high level of expertise, and they are up-to-date on cyber-attacks,鈥 said Fingler, who noted they were able to provide security that is appropriate to a school or school division.

In a report card on the Holy Family鈥檚 cyber network, 17 per cent of issues were deemed as 鈥渃ritical,鈥 12 per cent were high, 54 per cent was medium and 17 per cent of issues were considered as low-risk, with 76 items that IBM determined needed attention.

鈥淚n the big picture, we鈥檙e not that far from the national average, although we were a little higher in critical areas. They were internal things that were easy for us to manage,鈥 said Fingler, explaining that both external and internal scans were made of the computer network.

One of the good points is that employee emails are not readily available on the Internet, and there were no critical external threats to Holy Family鈥檚 network, he added.

Holy Family were encouraged to ensure they use good secure passwords that aren鈥檛 duplicated in use anywhere else, said Hambly, noting some people will use a 鈥渄efault鈥 or 鈥淕olden Ticket鈥 password, the same for all of their accounts or Internet activities. This is a practice he urges all computer users to avoid doing, as it could expose them to 小蓝视频 hacked.

鈥淵ou should change passwords regularly, and keep a combination with upper and lower case with numbers,鈥 said Fingler, adding the most common password in the world is the number sequence 鈥1-2-3-4-5-6.鈥

Internally, most administrators are limited to what they can access, mostly on a 鈥渘eed-to-know鈥 basis, with only two or three staff who have the proverbial 鈥渕aster key鈥 to the computer network at Holy Family, explained Fingler.

There will be a followup vulnerability assessment done of Holy Family鈥檚 system once a year from now on, he added, and in the meantime the experts at IBM can called on anytime something comes up that they need to deal with in terms of cyber security.

Staff member Lynn Colquhoun pointed out that she will refuse to accept any emails of a personal nature sent to her from a business email account, because she doesn鈥檛 want to expose any business to possible attacks through her email.

push icon
Be the first to read breaking stories. Enable push notifications on your device. Disable anytime.
No thanks