HCPS recovers, adapts from network hack

A recap and explanation of the county-wide internet troubles from mid-March

Photo Anna Woodward

A graphic illustration depicting a computer and WiFi symbol, connected to HCPS with text underneath.

Anna Woodward, Editor-in-Chief

As students and teachers eagerly awaited Spring Break, the day came to a halt in the form of a grudgingly slow loading screen. HCPS recently experienced a network hack, leaving students and staff on campus to rely on hotspots and asynchronous learning if at home.

The hack’s effects carried on throughout multiple days leading up to Spring Break, with the most recent and significant point in the timeline being March 23.

“HCPS (Hillsborough County Public Schools) Information Technology Services, with the assistance of Spectrum, Fortinet, and Arbor, has identified that the recent network outages were caused by a Distributed Denial of Service (DDoS) incident on the Spectrum managed Fortinet security system with the intent of causing internet outages,” HCPS Chief Technology Officer Jeremy Bunkley said in a statement. “Four (4) of the multiple attempted DDoS incidents were successful in causing internet outages during the school day.”

While the hack was widespread, its intent appeared to be slowing down the network, not stealing information. Since HCPS must protect underage users on its network, they follow more standards than the average corporation, including stronger firewalls and filters.

“What these people do is they [come into] lots of servers across the world and they start flooding your network and transactions. On a network level, it can spawn other transactions, so let’s say normally we could be one in 1,000 transactions a minute,” Robinson Technology Resource Jack Miles said. “When they flood it, it’ll jump to 100,000 transactions a minute, so it fills up your network and things can’t get through.”

For biology teacher and Science Department Chair Kristina Chiodo, the network troubles pose a risk to moving forward. Chiodo teaches some classes that are fully-online; when the system goes down, her students resort to working asynchronously on Canvas and Edgenuity, a program designed for virtual learning. This aspect allows her to maintain a pace within the classroom, but not without its own set of frustrations.

“It’s difficult when there’s WiFi [troubles]. I cannot Zoom with the students, the only fortunate thing is that I build Canvas modules in advance so I’m able to use Remind to tell them to just work on the lessons that are posted, but I can’t do any individual instruction, I can’t answer any questions for them,” Chiodo said. “It’s all asynchronous at that point, so it’s frustrating for the students and for me.”

Due to precedence and efficiency, there is a need for a larger district response instead of individual schools seeking solutions. Even with motivations and perpetrators unclear, HCPS and schools are instructed to work with higher authorities.

“Once [the hackers leave] our school, we can’t really check, so you have to call Spectrum, you have to call a security company who deals with this stuff, you have to notify the police and FBI, it turns into a big deal,” Miles explained. “The solution for this is that you try to block the IP addresses, all these servers [that are hacking]. It’s difficult to be done because they can change addresses every day.”

With the safety and accessibility of its users in mind, HCPS has been working to resolve the issue and ensure future security. This involves identifying the incident, upgrading current resources and implementing additional measures.

“To combat this issue, we have put additional measures in place to reduce the impact of this type of incident significantly…” Bunkley said. “HCPS has now moved to proactive DDoS mitigation by Arbor, which will actively monitor our network and help to prevent future network outages due to DDoS incidents.”