More than 100 kindergartens in the lower North Island are using pen and paper today due to a ransomware on the software Kaseya.
Photo: Photo / 123RF
Free Kindergarten Association Whnau Manaaki chief executive Amanda Coulston said its IT provider told it about the ransomware cyber attack on Saturday.
Kaseya provides IT management software for Managed Service Providers and small to mid-sized businesses.
US authorities suspect that Russian-based cybercriminal gang REvil may be behind the attack on firms and organisations using the IT management software Kaseya.
Coulston said all member kindergartens – just over 100 – had been warned to keep their laptops and computers switched off, while they checked whether any data had been accessed.
Hundreds of organisations across the world have also been affected, including at least 11 schools in New Zealand.
In Porirua, Awatea Kindergarten teacher Jo Young said the hack did not cause much disruption to the day.
She said it prevented her and colleagues from using their computers for administrative work and it was “really lovely”.
“In my non-contact time I made rongoa kawakawa balm ready for Matariki, so I could actually just focus on things that I just enjoyed,” she said.
Young said the hack did make it harder for the kindergarten’s administrator to keep a record of attendance.
“Where the challenge was is our administrator who came in had to work from the iPad,” Young said.
“She was really frustrated having to use that.”
Young said teachers were able to use their iPads for email and other tasks.
‘So many unknowns with this attack’
IT specialists this morning warned the full extent of the damage was yet to be seen.
Coulston said the IT provider was working with the Ministry of Education.
“Everyone should keep their laptops and computers off and then if they need to communicate they do it through the iPad. So that just gives us time to to do the work and just identify if we have been compromised or not.”
This is the final week before a term break.
“The teams have been really good,” Coulston said. “They’re just focused on working with the children and going back to good old pen and paper for some things.”
Coulston said it was hugely disruptive and left the organisation in unchartered territory.
“Essentially they’re going through every one of our machines and working their way through an identifying if if anything happened. There are so many unknowns with this attack.
“We wouldn’t want anything of ours going out to a Russian hacking group. We are hopeful over the next day or two that we have a much better idea.”
The government’s agency to help businesses hit by cyber attacks said it encouraged businesses never to pay ransom demands.
CERT NZ incident response manager Nadia Yousef said there were examples of businesses around the world paying out – only to being hit a few days later with further ransomware attacks.
Yousef said the software was a tool used by mostly larger organisations.
At the post-Cabinet meeting, Education Minister Hipkins said the Ministry of Education had been working with schools that had been affected and “further risk is being sort of isolated”.
“Given the diversity of different systems that are used in schools … we’re working with them to make sure that we isolate any potential risk there.”
He said there the ministry had good capacity to be able to provide schools with secure IT systems through the Network for Learning.
Prime Minister Jacinda Ardern said investment in cyber security and protocols had been a particular focus for New Zealand, including encouraging the private sector to ensure they were well protected against state and criminal actors.
