The NSW Department of Education was hit by an apparent cyber attack on Wednesday.
In a notice published on Thursday, the department said it took precautionary measures, shutting down many of its systems including the online portal teachers were using in preparation for the new school term.
“The timing of this creates considerable challenges for staff as we prepare for the start of Term 3,” Georgina Harrisson, NSW Education Secretary, said.
“Thankfully, our teams have been able to isolate the issues and we are working to reactivate services as soon as possible.”
NSW Police confirmed for Information Age that its was made aware of the incident on Wednesday afternoon and its cyber detectives are investigating the matter.
With NSW heading into its third week of lockdown, students in the greater Sydney area will be forced to start the first week of a new term in online classrooms.
Some people joked on social media that the security came from a disgruntled ICT student looking to get a few extra days off school, likening it to the modern day version of pulling a fire alarm, but the education department assured students and teachers alike that systems would be back online by Monday.
“I am confident we will have the issue resolved soon and want to reassure teachers and parents that there will be no impact on students learning from home next week,” Harrisson said.
“Whilst we are confident all systems will be back online before Day 1, Term 3, we are making information to support home learning available on our public website so that preparations for the start of term can continue.”
The department has been a victim of a cyber-security attack. We are working with Cyber Security NSW to reactivate services as soon as possible.— NSW Dept of Education (@NSWEducation) July 8, 2021
We thank our staff for their patience.
Read more on: https://t.co/IGPPCDueMi
Few concrete details about the incident have emerged beyond the statement from the NSW Department of Education and confirmation from NSW Police, but the state government does have some form when it comes to being victimised in cyber space.
State departments were caught up in the Accellion data breach earlier this year including Transport for NSW which subsequently had 250GB of organisational data published to the dark web.
And Service NSW was hit by an attack on its email system – which was its primary method of data transfer at the time – that saw attackers disappear with 3.8 million documents affecting 186,000 NSW residents.
An investigation into that incident found Service NSW “did not accord with best practice cyber security measures” and the state’s cyber agency even admitted earlier this year that the NSW government had a low cyber security maturity level.