Home » Cyber incident affected SD5 computers

Posted: June 21, 2019

Cyber incident affected SD5 computers

School District No. 5 (SD5) Southeast Kootenay encountered a cyber incident on January 23 in which computers at the School Board Office and the Fernie Learning Centre were infected with the Emotet Virus.

The Emotet virus is primarily spread through spam emails (malspam) and which is received either through malicious script, macro-enabled document files, or malicious link. It is polymorphic, which means it has the ability to alter itself every time it is downloaded, allowing it to evade signature-based detection; the detection of specific patterns or known malicious instruction sequences typically used by malware.

Although the Emotet Virus was contained to the original infected network at the Board Office and all computers were immediately shut off, wiped and re-imaged, during this cyber-attack, the email files from the infected computers were jeopardized. The Malware was able to obtain email files from the infected computers and these emails may be forwarded onto other people, further spreading the contaminated Malware attachments.

Risks from this cyber-attack may include disclosure of personal, salary and/or confidential information including contact information such as address, phone number and email address.

According to Secretary-Treasurer Alan Rice, the district believes the risk is directed at emails being forwarded with Malware attachments with the intent to spread the Emotet Virus and not for the purpose of disclosing or using the personal information that may be found in the emails.

“The district contacted the Office of the Information and Privacy Commissioner immediately following the discovery of this email security breach, and we have been following all protocols provided by the Office, including sending out a release to inform the general public.”

In addition to the security steps outlined by the Privacy Commissioner, SD5 also purchased an additional Cybersecurity solution product to reduce future risk of emails being compromised, and is implementing Cybersecurity training for staff.

“We are still investigating the incident and will release more information as it becomes available.”


Article Share