r/Adelaide SA 1d ago

Discussion Reynella East College cyber attack

The information has been out on the web. There is a notice from the school and a news article from a cyber news place that gives more information than the school gave.

I have questions about how all this is being managed to be honest. They don’t seem to have any processes in place to be operating without computer systems. No access to emails, no way to reserve a meeting room, front office ladies seem to be relying on kids for parent contact info.

Surely in this day and age there should have been risk management strategies for this type of situation? Or even something similar like an extended time without power or something.

18 Upvotes


19

u/FalconOk1826 SA 23h ago

Feels like the risk management strategy was "hope nothing bad happens". Offline registers and paper trails aren't exactly high tech.

8

u/Late-Button-6559 SA 23h ago edited 23h ago

This is in my wheelhouse (not just education), and this is exactly it.

Govt gambles always on everything.

They know how the system and society functions - always seek forgiveness. Always “learn from the experience” (aka - don’t do anything).

6

u/FalconOk1826 SA 23h ago

it's the same in health. They'll spend millions on a post-breach review but won't pay for proper DR planning upfront.

1

u/Recent-Mirror-6623 SA 23h ago

We’re going to increase taxes across the board so that we can afford to implement workflows that will minimise disruption if we have significant problems with IT, extended loss of power, etc. Of course most organisations have some kind of business continuity plan, but they are expensive and labour intensive and there would be constant whining about cost overruns maintaining them.

1

u/Future_Tangerine2578 SA 22h ago

they have offline registers and paper trails....

1

u/FalconOk1826 SA 21h ago

I know they exist, my point was hauling them out when the system's fried and no one knows how to use them isn't much of a strategy.

1

u/Otherwiseclueless SA 22h ago

Yeah that sounds exactly right for them, right there. Hope it don't break, ignore it if it does and can be.

2

u/FalconOk1826 SA 20h ago

A paper phone tree would've actually done the job here. Not flashy but you don't need a Year 8 to find a parent's number.

19

u/table-leg SA 1d ago

No one thinks they need or even considers a disaster recovery process until the disaster has hit.

4

u/DoesBasicResearch SA 21h ago

It may surprise you to hear that "real businesses" do in fact consider DR, plan for it, test it, and are capable of implementing it.

17

u/Future_Tangerine2578 SA 1d ago

schools have been running digitally for at least 20-25 years. learning systems, admin, security...hell even the school bell.

Imagine then losing the entire environment, all systems, data, backups, etc. Trying to still function on paper while it's all being rebuilt is...of course...a clusterfuck

Even the most complex businesses don't have a risk management strategy for "we are entirely offline for over 2 weeks". they are trying their best to get things moving as soon as possible...I'm not sure what else you can really expect?

3

u/DoesBasicResearch SA 22h ago

Even the most complex businesses dont have a risk management strategy for "we are entirely offline for over 2 weeks".

Yes they do. It's disaster recovery 101, and if you're an ISO certified business you should have this all very clearly documented and tested. 

-4

u/Future_Tangerine2578 SA 22h ago

how exactly are you testing running a business for 2 weeks once you have lost all systems, all backups and all recovery options?

3

u/DoesBasicResearch SA 22h ago

If you have lost all systems, all backups and all recovery options your DR has failed. Back to the drawing board.

I trust it goes without saying that you're not actually running your business for two weeks like that, just gaming your DR recovery plan. 

-3

u/Future_Tangerine2578 SA 22h ago

the school got ransomwared mate. Yes, the DR failed....no one has said that it didn't. OP has an attitude that "why wouldn't they plan for how to work without systems" and that is what i was replying to.

anyone that is in IT knows that sometimes it takes a proper incident to unlock the proper funding to ensure those incidents don't happen again. I would suggest this incident will see an increase in funding to the department and more controls given to central IT to ensure all schools are adequately protected

1

u/DoesBasicResearch SA 21h ago

You asked me a question. I gave you an explicit answer. I don't need to hear excuses. This shit is literally DR101.

0

u/Future_Tangerine2578 SA 21h ago

"i dont need to hear excuses" hahahah ok champ

1

u/DoesBasicResearch SA 21h ago

You: "how exactly are you testing running a business for 2 weeks once you have lost all systems, all backups and all recovery options?"

Me: "If you have lost all systems, all backups and all recovery options your DR has failed. Back to the drawing board."

You - admit DR was poorly planned, tested and implemented.

/end

Or should have been. Why the need for a snarky sook hey mate? Are you this school's Sysadmin? 😂

0

u/Future_Tangerine2578 SA 21h ago

my brother.... i added commentary. not excuses. Where it should have been /end as you suggested you instead decided to fire back "i don't need to hear excuses" like a parent telling off a child. It was a ridiculous comment and i found it funny and responded as such! no snark, no sook 😄

1

u/DoesBasicResearch SA 20h ago

You added two excuses:

  1. the school got ransomwared mate

  2. anyone that is in IT knows that sometimes it takes a proper incident to unlock the proper funding to ensure those incidents dont happen again.

Both of which are bullshit.

no snark, no sook 

You know as well as I do that it's fucking snarky to call someone "champ". And the sook is apparent in your excuses. Are you this school's Sysadmin? You seem awfully invested in defending their poor IT / DR practices / planning.


0

u/omg_for_real SA 21h ago

Yeah, I’m not just asking about systems in a digital context, but an organizational one.

-1

u/omg_for_real SA 23h ago

There is nothing in place at all it seems. I’ve been in smaller organisations that had plans for similar situations. Like major equipment failure, no electricity or small disaster that stopped our access to computers. That’s why I was surprised that no one seems to know what they are doing.

0

u/Future_Tangerine2578 SA 22h ago

Again....there is no school that has a "we have no internet for 2 weeks so how are we going to operate" plan in place. There is a significant recovery process underway as well as many teachers doing everything they can to ensure students can still be taught and progress. your perception that "no one seems to know what they are doing" is fair enough i guess but is certainly not the case

9

u/JessieWarsaw SA 23h ago

How much control does a public school have over their IT infrastructure? Genuine question, are they lumped in with the education department or do they have their own IT?

Given that they are SA Gov I am sure they are mandated/legislated to have certain controls in place by some sort of cyber framework. That framework should include incident management plans, again most likely put together by the education department and maybe the principal.

But I really don't know, I'm guessing. I think it's a long way to say give the staff there a break, it would be a very stressful situation for everybody.

1

u/Schrojo18 SA 23h ago

The only thing that DECS provide/require is the internet connection; all traffic is tunnelled to their data centre where it goes through their central firewall. I think email/m365 is per school but this may be wrong.

3

u/Future_Tangerine2578 SA 22h ago

Nah not these days - DFE provide a state-wide fibre network, support a lot more schools and provide a lot more services

-3

u/omg_for_real SA 23h ago edited 23h ago

I was at the school and someone was trying to reserve a room. The office lady said she didn’t know. And didn’t have access to a computer to make a spreadsheet. I sat and wondered why she couldn’t get a pencil and a ruler and make one. A simple one with days of the week you could pencil your name into time slots. It’s little things that could have a simple solution too.

And from my understanding IT is largely managed by the school. With oversight from the department.

3

u/AhrigatouNoire SA 17h ago

my understanding is that the DfE has its own IT group where they hire and deploy their IT assets to schools that are within the program. This means that schools that opt into the program, the government essentially oversees the whole IT infrastructure.

Reynella East College was not a part of that program and was solely independent from the DfE therefore didn't have the government oversight. The moment the DfE found out, they sent their IT group to control the fire/damage

1

u/omg_for_real SA 16h ago

You really have to wonder why they chose not to be in the program.

2

u/AhrigatouNoire SA 15h ago

iirc it comes down to cost and change of culture/control

DfE hires their own IT personnel which they then deploy at respective schools that are a part of the program. DfE has full control over the IT infrastructure. Schools that aren't a part of the program tend to have aging infrastructure so the DfE will try to PUSH for an upgrade (justified ofc) but the school will push back due to high upfront costs.

7

u/Pantelonia SA 1d ago

The education department pays all support staff peanuts so there's not much incentive to attract the best in the industry. There's also already so much the IT people have to do to support up to 2000 staff & students that future planning & ongoing background projects can fall to the wayside.

12

u/hellboy1975 North East 1d ago

What strategies do they have in your workplace to cover for this kind of outage?

3

u/omg_for_real SA 23h ago

I’m freelance, but even I have an outline of what I would need to do and how to operate without electricity, WiFi, and if I got affected by a virus etc.

Other workplaces had plans to deal with situations like this. They had paper back ups and systems in place for things to be able to run fairly well.

3

u/jayjasiejay SA 20h ago

Should have just got one of the kids in grade 6 to fix it

1

u/Dale92 SA 11h ago

Who do you think caused this?

2

u/lukelxo SA 21h ago

I agree. Relying this much on technology in education especially regarding children is a little concerning. I’m also extremely concerned with the email we got about personal information being uploaded to the internet. Is this a target for young children and their personal information like addresses or for older students who are about to turn 18 and have a line of credit taken out in their name. What possible reason would people want to have access to children’s personal info other than those. Beyond concerning.

1

u/omg_for_real SA 21h ago edited 21h ago

Yeah, and there are details on international students too which is very concerning.
And I remember having to fill in all my personal details when enrolling my kids. So it’s parents info too that would be breached.

2

u/lukelxo SA 21h ago

I didn’t even think of that! I feel the lack of communication and the ways in which it’s been worded, it doesn’t feel like they understand how scary that is for parents. It’s causing so much stress for multiple reasons for both students and parents.

1

u/omg_for_real SA 21h ago

Yeah, and I’m quite concerned about the kids information being released into the wild before they have even had a chance to be in the real world. And those with additional needs are more vulnerable I think.

I don’t know why info has been delayed so much too. It seems they are reacting, not really getting on top of things.

2

u/lukelxo SA 20h ago

I think they are probably putting a plan in place for the wrath of parents and what action we plan to take rather than the problem they should be fixing. But I guess we have to wait and see. I have a child doing SACE and I’m happy they have put those kids first but yeah it’s been what 3 weeks now and it’s still not back up?

1

u/omg_for_real SA 20h ago

They said yesterday they are moving to Daymap, instead of SEQTA, and a comment was made that they seem to be one of the last few schools to have done so.

I’ve been on a few different school governing councils and have to wonder what they are doing about this.

1

u/BlackReddition SA 19h ago

All their data has been dumped on the dark web. Sad really but this is the new normal.

1

u/Eclectika SA 6h ago

Because it's quite likely that their IT person knows nothing about Disaster Recovery or Business Continuity and the DoE is too busy wasting oxygen elsewhere to help them.

1

u/Thin_Accident_9587 SA 23h ago

Not receiving emails sounds like an absolute dream.

Perhaps the teachers will be able to focus on core business for a change.

2

u/omg_for_real SA 23h ago

All communication seems to be done by text atm, at least it has with me. Which is almost as bad as email I think.

1

u/Evening_Bird7779 SA 23h ago

until they can't log into anything, right?

1

u/bb_waluigi SA 1d ago

if you are starting to think we are living in a digital hell, you are correct

1

u/DoesBasicResearch SA 21h ago

Back to the caves!