After a ransomware attack two weeks ago, Roseburg Public Schools has more answers on the attack’s origin and is hoping to have its email and website up and running by the end of the week.

Superintendent Gerry Washburn said the FBI believes the attack occurred using remote desktop protocols, rather than malware attached to a staff member’s email.

Remote desktop protocols were developed by Microsoft to allow those who work remotely access to office computers. Version 8.1 of the protocols enabled a “restricted admin” function, which left the system vulnerable to hacking. Microsoft released an 82-page document explaining how to mitigate attacks, which are called a pass-the-hash attack.

He said the district isn’t releasing specifics on how the attack is being resolved, but noted that a report is forthcoming.

Washburn said he’s expecting to receive an update about the district’s servers by Thursday from Navigant, the data recovery company.

“Initially we will only be able to send and receive new emails. Email history will be available to staff on the computer they normally used to send and receive email. Once the system is up and running, IT staff will have to scan email histories to ensure they can be safely uploaded to the new email platform,” Washburn said in a statement.

Saphara Harrell can be reached at 541-957-4216 or sharrell@nrtoday.com. Or on Twitter @daisysaphara.

React to this story:


Crime Reporter

Saphara Harrell is the crime and public safety reporter for The News-Review. She previously worked at The World in Coos Bay. Follow her on Twitter @daisysaphara.

(0) comments

Welcome to the discussion.

Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.