FDLE Closes School Testing Cyberattack Investigation
Follow CBSMIAMI.COM: Facebook | Twitter
TALLAHASSEE (CBSMiami) – The FDLE's investigation into a cyberattack on school testing systems last March has been closed.
The cyberattack disrupted the administration of the Florida Standards Assessments in March and prevented students from logging on to take the test, but the test itself and student information was never breached, according to the Florida Department of Law Enforcement. The security procedures utilized by private entities assisted in the mitigation of these attacks, according to the FDLE.
The cyberattack was launched against a Department of Education subcontractor.
This case was a Distributed Denial of Service (DDoS) investigation. In this DDoS attack, numerous computers and networks accessed the victims' server. In this case, FDLE uncovered in excess of 29,000 IP addresses that were potentially utilized to launch numerous attacks against the subcontractor.
The flood of these incoming messages or connections blocked legitimate traffic (test takers) from accessing the server and the test or slowed these connections to the point of impacting test delivery. In attacks like this, the owners of compromised computers or users on the compromised networks often have no knowledge that their technology has been utilized to facilitate a denial of service.
The FDLE said its six month investigation discovered some of the IP addresses used in the attack were based in the United States, but most were believed to be in foreign countries. FDLE did not identify a suspect or a motive for the DDoS attacks.
Education Commissioner Pam Stewart said, "I am incredibly grateful to Commissioner Swearingen and his team of investigators at the Florida Department of Law Enforcement for their prompt response to the cyberattack that affected so many of our state's students during statewide testing this spring. Most importantly, I want to reassure our state's students, parents and educators that, because of the nature of the cyberattack, no student information was accessed and the content of the assessment was not compromised. I am pleased that the additional safeguards were effective, and we will continue working with AIR to ensure they have all of the necessary protections to provide for a smooth testing experience this year."
