Staff loses admin rights after email virus


INFECTED: After school on Oct. 16, Senior Jocelyn Heimsoth works on the yearbook after losing time when the virus locked her out of the yearbook drive. In the aftermath of the virus, her computer needed to redownload essential files such as fonts.

Ben Kimchi

A computer virus that infected Columbia Public Schools (CPS) devices, discovered Oct. 3, caused teachers and staff to lose access to their application files.
The virus was device-specific and did not affect data servers, according to CPS director of community relations Michelle Baumstark. To avoid the spread of another virus as well as increase security, CPS technology support analyst Jeremy Young said faculty lost administrator rights to their computers and cannot download, modify or access specific softwares.
“It’s all restricted right now. It’s not determined whether it’s going to stay fully restricted or [if] they will be lifted over time,” Young said.
The virus metastasized when one of the Aslin staff members released a quarantined email that had been contained with other suspicious emails. Sometimes perfectly safe emails with large attachment files become quarantined, Baumstark said, so employees check their quarantine file periodically. The spoofed email tricked a particular employee, causing the accidental spread of the virus; however, Baumstark said the quick response of technology services diffused the impacts.
“Any of the computers that were affected were reimaged and the virus has been mitigated,” Baumstark said. “The effects were minimal as it was device specific and did not impact services. Technology Services worked quickly to resolve the issue.”

The email-spread virus affected students of Columbia Area Career Center teacher Mikah Simpson.
“I wasn’t affected much by the security failure,” Simpson said.
“But I did have some students lose their work because they didn’t save it before shutting down their computer though, it wasn’t too much of a hassle for them to start again.”
Baumstark said the reason most teachers didn’t experience detrimental consequences was because of the security precautions CPS already has in place.
“We have firewall, we have filters, we have monitoring, we also have a third party entity that does security audits for us,” Baumstark said. “So we have all of those things in place, which it is partly why nothing was impacted.”
While Young and Baumstark trust in the firewalls and security systems, added precautions like less privileges for teachers aim to supplement those already in place, Young said. Fortunately, the loss of software downloading, modifying and accessing did not affect most teachers as most store information on online drives rather than applications.
But for the design editor of the yearbook, junior Chloe James, lack of access is a hassle as making a yearbook requires uploading new fonts to look fresh and stylish. While ultimately she is still able to get fonts, the process now needs the involvement of more, less reachable, people.
“It’s not going to look the same without [downloading] right fonts,” James said. “We have to [get permission] from their help desk instead of us just being able to like type in [the password.] And they might answer, they might not. [And even if they answer] it takes 15 minutes longer than it should.”
For an undetermined amount of time, Young said, whenever teachers or staff need to use administrator privileges, they must contact CPS technology services. Although he is more busy, Young said, the increased security is worth the cost of time.
“Everyone would hope it [is the last time],” Young said. “We will definitely take all the steps possible to make that the case.”