Earlier this week, I had an opportunity to look back on the work our department undertakes each day and appreciate how important it really is, and how attention to detail can make all the difference.
Shortly before noon on Tuesday, we received an alert about an active cyberattack campaign targeting various firewall and “edge” devices across the globe (devices that connect and monitor internet services, and provide security). The attacks were linked to a sophisticated cybercriminal organization, which exploited a recently discovered vulnerability in WatchGuard Firebox firewalls to gain access to numerous organizations and install ransomware on their computer systems. This type of malicious software searches for and encrypts files, folders, and drives before anyone has time to react, forcing organizations to pay the ransom, or restore their files from backup (if possible).
With two of our own Fireboxes in production on the network, we scrambled to investigate and determine what could be done to remediate the problem. After a series of phone calls and emails, we found we could patch the devices to fix the vulnerability. The catch? The update required multiple restarts, disconnecting internet and external phone service on both campuses. Due to the nature of the incident, we were being advised to apply the patch immediately, as another school nearby was hit earlier in the day.
As we prepared the update, I drafted an email announcing the problem and imminent shutdown, as we saw no choice but to proceed with the restarts. We consulted with our vendor one last time to set a time for the outage, and compared the update version with our current systems to ensure we had the right patch. That’s when I heard the good news.
We had already patched the system at the beginning of Winter Break, two days after WatchGuard announced their discovery and issued a warning to customers. The firmware versions matched and there was no need to install a new update. Instead of sending that email, I moved it to the Trash and went to lunch.
By staying vigilant to cyberthreats and patching our computer systems regularly, we were able to prevent a potential catastrophe. More importantly, we fulfilled a core duty of our department by keeping the school operational so learning could continue without disruption, simply by installing an update. Our policies and procedures focus on this core responsibility, and this issue highlights the importance of regular security updates in a constantly evolving cyberworld.
Well done, FCIT! Due to your wise advance work, you saved us from a crisis! Hooray!
Thanks, Alice!
Grateful to our wonderful tech team for all the work you do behind the scenes to support the School! Thank you for pulling back the curtain to give us a sense of how some of this work plays out.
Appreciate the kind words!