Miami-Dade schools: Continuing cyber attacks kept at bay

Deborah Karcher, chief information officer for Miami-Dade County Public Schools
Deborah Karcher, chief information officer for Miami-Dade County Public Schools MIAMI HERALD STAFF

A week after their attacks began, hackers were still trying to wreak havoc Tuesday on Internet connections in Miami-Dade County Public Schools as thousands of students took new standardized tests.

The district has been able to keep problems at bay by setting suspicious Internet traffic aside and quarantining it, said Debbie Karcher, chief information officer for Miami-Dade schools.

“We were able to isolate very quickly and hold them off. I know it sounds a little bit like a war, and it kind of is,” she said.

The Florida Department of Education announced on Monday that the debut of new standardized tests last week fell victim to cyber attacks. Students attempting to take the writing portion of the Florida Standards Assessment instead ran into blank, white screens after a testing vendor’s login server was targeted.

“It just made it impossible to get on,” said Department of Education spokeswoman Megan Collins.

The department did not say whether last week’s attacks on vendor American Institutes for Research servers have stopped. The Florida Department of Law Enforcement is investigating the attacks.

The threats have been described as denial-of-service attacks, which aren’t designed to steal personal information. Instead, they prevents users from accessing a website by swamping the site with useless data.

“It’s not a threat to security. It’s not a threat to confidentiality. It’s literally a denial of service. I’m prevented from doing my business,” said Michael Spring, an associate professor of information science and telecommunications at University of Pittsburgh.

Spring said hackers typically use this kind of attack against banks to extort money, or as a form of terrorism against government websites. He suspects a more innocent reason is behind the issues in Florida.

“My guess is it’s kids or adults who hate standardized testing,” Spring said. “Before, they had to pull a fire alarm to disrupt a test.”

In Miami-Dade, the hackers seem to understand the school schedule because the strikes are timed to take place while students are in class, said Chief Academic Officer Marie Izquierdo.

Whereas the district usually sees about 5 gigabytes per second of traffic, sometimes the number spikes dramatically while the district is under an attempted attack, said Karcher, the district’s chief information officer.

Whoever is attempting the hacks is “a small but mighty group,” she said. “We will be watching it throughout the testing window.”

It’s not uncommon for hackers to disrupt a system over many days in a denial of service attack. For example, an attack originating from the Netherlands has been targeting the British Virgin Islands for almost a month now, according to, which tracks denial of service disruptions.

Miami-Dade has had plenty of experience fighting back threats to the district’s information infrastructure. Just like any business or large organization, “we’re constantly fighting viruses, cyber attacks, all kind of things,” Karcher said.

But the district says it’s well prepared. It has a team of IT specialists who constantly monitor traffic for suspicious activity, which can be tracked down to specific machines. The school system also relies on processors at schools to fight viruses, and has even launched simulated attacks to practice their response to potential hacks.

“We have a lot of redundancy and what I would say are some very good procedures in place,” Karcher said. “These are not always used in all companies, and in fact we’re very sophisticated in that respect.”

But better to be safe then sorry: The school board in June agreed to purchase $10 million in cyber liability insurance coverage.

Follow @Cveiga on Twitter.

Related stories from Miami Herald