The Valley News has been selected to add two journalists — a photojournalist and a climate and environment reporter — to our newsroom through Report for America, a national service program that boosts local news by harnessing community support.

Please consider donating to this effort.

Vt. Law School Preps Against Cyberattacks

Valley News Staff Writer
Published: 4/30/2017 11:17:39 PM
Modified: 5/1/2017 12:53:42 AM

South Royalton — Vermont Law School has spent the past several weeks beefing up its digital defense system after a massive cyber-attack temporarily shut down the Internet and computer systems at the school.

“We continue adapting,” Sean Lee, the general manager of information technology at VLS, said Thursday. “As the world changes, so do we.”

Lee said he first became aware of the attack in the early hours of Saturday, March 17, when a variety of electronic devices in his home began displaying large numbers of unusual error messages, as the school's servers and systems sent out automatic warnings that they were being assaulted.

By 6 a.m., he said, he and three other members of the IT team were onsite at VLS, the beginning of a 48-hour, nearly nonstop effort to secure the school’s data and restore basic functions, like email and Internet access, to students, faculty and staff.

The team also reported the incident to the FBI.

While systems were mostly back in place by Monday morning, Lee said the attack led the school to implement a variety of security upgrades — new software, new hardware, new policies and new business partners — in an effort to forestall a repeat.

“You could describe it as overkill, but in this area there’s no such thing,” Lee said. “We’ve implemented some security measures from the banking industry. A couple that are in use in the medical industry. We’re taking it to levels previously considered and even intended, but we've ended up even further.”

The school hired two independent digital security firms to investigate the extent of the attack, and conduct an assessment of the school’s systems. VLS implemented further changes based on feedback, according to Lee.

He said that some form of most of the changes were already scheduled to happen this summer, but that the attack prompted the staff to move quickly.

Meanwhile there are unresolved questions about the attack.

Lee said the school is unclear about who targeted the institution, or why.

“From what we know, the goal was to effectively make us inoperable,” he said.

But there’s a chance that the VLS wasn’t even specifically targeted, he said. It could have been the result of hackers who set loose a malware attack without directing it to any one institution.

“The means by which we were infected could have been automated, and the infections spread from system to system where access was possible,” Lee said. “The actual nature of the malware, I can’t comment on, because it’s the subject of an ongoing federal investigation.”

A spokesperson from Vermont’s FBI office confirmed that the agency was investigating the incident, but declined further comment, referring questions to the U.S. Attorney’s Office in Burlington.

Kraig LaPorte, a spokesman for the U.S. Attorney’s Office, said that, in keeping with policy, he could not confirm or deny that the office is involved in the investigation.

However, he said, there are prosecutors within the staff who have familiarity with such crimes, which are complicated by the fact that they often cross jurisdictions.

“That is certainly, the challenge is that cyber-crime can happen from anywhere,” LaPorte said. “That’s the challenge that investigators face.”

“Billions of dollars are lost every year repairing systems hit by such attacks,” according to the FBI website. “Some take down vital systems, disrupting and sometimes disabling the work of hospitals, banks, and 9-1-1 services around the country.”

Vermont state officials have said that in a typical month, the Vermont government’s website repels literally hundreds of thousands of cyber attacks.

In March, the Vermont Department of Labor announced that 182,000 JobLink accounts a job posting network used in several states, had been compromised in a cyberattack.

Attacks are also getting more costly for victims.

FBI data shows that in 2007, the FBI received 366 complaints in the state of Vermont, which resulted in $320,000 in losses to individuals and businesses, while 2014 had the highest losses on record, at $1.2 million.

Large scale Internet-based attacks on institutions have become commonplace, particularly at educational institutions like VLS. For a variety of reasons, schools are becoming increasingly attractive targets, one reason why 10 percent of reported security breaches happen in the education sector, according to a 2014 report from Internet security firm Symantec.

In 2014 alone, educational institutions reported 31 data breaches that exposed the private information of nearly 1.4 million people, according to Symantec.

At VLS, Lee said, no private data, such as personnel records or student transcripts, was compromised.

“From what we've seen, our outside investigation organizations have confirmed there was absolutely no data access,” Lee said. “There was no attempt to access it, and if there had been, it would have most likely not succeeded.”

The school doesn’t yet know how much the attack cost, not only in expenses directly associated with the shutdown, but in the short-term, and long-term, responses.

Lorraine Atwood, the VLS vice president of finance, is currently calculating the cost, said Lee, which will be submitted to an insurance company for partial reimbursement under a cyber-liability policy.

Matt Hongoltz-Hetling can be reached at or 603-727-3211.

Valley News

24 Interchange Drive
West Lebanon, NH 03784


© 2021 Valley News
Terms & Conditions - Privacy Policy