720-891-1663

Alerts, Hacks, Security Practices

Uvalde Schools – Lesson to Learn

Leave a comment

Uvalde was already famous – too famous. You may remember that in 2022 Uvalde was the site of a mass shooting where 19 elementary school children and two teachers were killed and 17 more were injured. It is the third deadliest school shooting at an American school. Police were not trained and they waited for an hour and 14 minutes before law enforcement, in this case a border patrol tactical unit, entered the school and ended the violence.

They were not prepared and were not equipped from a training standpoint to deal with a situation like this. Uvalde is a small town of about 15,000. It is a poor town on the US-Mexico border.

Compare this to this week’s Evergreen, Colorado, high school shooting in which the sheriff deputies were on site in two minutes, entered the school in 5 minutes and ended the attack within 9 minutes of being dispatched. Unfortunately, law enforcement in Colorado has had too much practice.

This was not a cyber incident but this week Uvalde is back in the news with a cyber incident and still not prepared.

This is an opportunity to learn and I am not picking on them. The public sector is an easy target and hackers know it. They just happened to be the victim. Again.

This time it was a cyber (ransomware) attack. The Uvalde Consolidated Independent School District is a district of only 5,000 students. The attack shut down schools this week and we will see how long it takes them to recover.

They said that the attack affected access to phones, AC control (I assume HVAC and not AC power), camera monitoring, visitor management, Skyward (a student information management system) and more.

How did the attackers affect ALL of these systems? Short answer: BAD network design and lack of security controls.

They are only one of many public sector entities losing this fight. Locales in North Carolina, Ohio, Nevada, Minnesota and Texas are all fighting cyber attacks in the last month.

So why is this happening? Well there are a lot of reasons, but here are some.

The feds cut funding to a group called the MS-ISAC or multi-state information sharing and analysis center. Apparently, warning the state, tribal and local public sector entities of cyber attacks is not a priority for this administration.

The feds also cut the flow of grant money that has flowed to these organizations over the last few years. No money means things like laying off cybersecurity staff. The result of that is becoming clear quickly.

I appreciate the funding challenges the feds have, but the result is going to be a lot more of this. A lot more. Hackers don’t care that the feds want to save money and they don’t care that local governments don’t have the money or expertise to protect themselves. Hackers know that even if the schools don’t pay the ransom they can still sell the data on the dark web.

When schools moved away from an 1800s era learning style – using dead trees (paper books and Number 2 pencils) to a 21st century learning style (iPads and computers), they didn’t plan for cyberattacks. You might say that this is poor planning on their part and I am not going to argue this one way or the other, but this is what we are dealing with.

So how did the attack take out all of the critical infrastructure like cameras and HVAC? While they are not saying yet, I would say that there was not sufficient isolation between, say, the student or teacher network and the IoT network. Actually IoT networks (plural). That was not needed in the 1980s, but we should not be building networks for the 1980s. We still are. The hackers say thank you.

Some parents are now concerned that school issued iPads that students brought home will infect home networks and steal parent’s sensitive data.

Others criticized the district because their head of IT resigned and, I gather, has not been replaced. Maybe, they said, we would not be here if that had not happened.

Othered tied this event to the HANDLING of the Robb Elementary shooting event, meaning lack of transparency.

The unfortunate part is that due to lack of money and the continued requirement to bring technology into the education process, this is only going to get worse. Probably a lot worse before we figure out how to fund cybersecurity in the public sector.

The hackers know that the public sector is a “soft target”, meanly poorly protected, and is going after it aggressively. After all, they can, worst case, sell the data they stole.

If you don’t want to be the next Uvalde and fall to cyber attackers then you have to harden your network. Without even asking for the details I can tell there are things they didn’t do that they should have done. No one wants to spend money that they don’t have to, but cybersecurity is not optional. Most attacks are targets of opportunity meaning that if your network is harder to compromise than the business next door, hackers will go next door.

Need assistance? Please contact us.

Credit: News4 SanAntonio and The Record

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2026 CyberCecurity, All rights reserved. Privacy Policy