Due to a ransomware attack on the software Kaseya, more than 100 kindergartens in the lower North Island are utilising pen and paper today.
Amanda Coulston, chief executive of the Free Kindergarten Association Whnau Manaaki, said the ransomware cyber assault was disclosed to the organisation on Saturday by its IT supplier.
Kaseya is an IT management software provider for Managed Service Providers and small to medium-sized enterprises.
US officials think that the attack on companies and organisations using the IT management software Kaseya was carried out by the Russian-based cybercriminal group REvil.
Coulston stated that all member kindergartens – little over 100 in total – had been advised to keep their laptops and computers turned off while they investigated if any data had been accessed.
Hundreds of organisations throughout the world have also been impacted, including at least 11 schools in New Zealand.
Jo Young, an Awatea Kindergarten teacher in Porirua, said the hack did not create any interruption to the day.
She described it as “really lovely” because it prohibited her and her coworkers from utilising their laptops for administrative tasks.
“In my non-contact time I made rongoa kawakawa balm ready for Matariki, so I could actually just focus on things that I just enjoyed,” she said.
Young said the hack did make it harder for the kindergarten’s administrator to keep a record of attendance.
“Where the challenge was is our administrator who came in had to work from the iPad,” Young said.
“She was really frustrated having to use that.”
Young said teachers were able to use their iPads for email and other tasks.
‘So many unknowns with this attack’
IT specialists this morning warned the full extent of the damage was yet to be seen.
Coulston said the IT provider was working with the Ministry of Education.
“Everyone should keep their laptops and computers off and then if they need to communicate they do it through the iPad. So that just gives us time to to do the work and just identify if we have been compromised or not.”
This is the final week before a term break.
“The teams have been really good,” Coulston said. “They’re just focused on working with the children and going back to good old pen and paper for some things.”
Coulston said it was hugely disruptive and left the organisation in unchartered territory.
“Essentially they’re going through every one of our machines and working their way through an identifying if if anything happened. There are so many unknowns with this attack.
“We wouldn’t want anything of ours going out to a Russian hacking group. We are hopeful over the next day or two that we have a much better idea.”
The government’s agency to help businesses hit by cyber attacks said it encouraged businesses never to pay ransom demands.
CERT NZ incident response manager Nadia Yousef said there were examples of businesses around the world paying out – only to being hit a few days later with further ransomware attacks.
Yousef said the software was a tool used by mostly larger organisations.
At the post-Cabinet media briefing, Education Minister Hipkins said the Ministry of Education had been working with schools that had been affected and “further risk is being sort of isolated”.
“Given the diversity of different systems that are used in schools … we’re working with them to make sure that we isolate any potential risk there.”
He said there the ministry had good capacity to be able to provide schools with secure IT systems through the Network for Learning.
Prime Minister Jacinda Ardern said investment in cyber security and protocols had been a particular focus for New Zealand, including encouraging the private sector to ensure they were well protected against state and criminal actors.