Kansas adds defensive barrier after cyberattack shuts down student testing
04/02/2014 4:14 PM
04/02/2014 4:14 PM
A mysterious cyberattack on Kansas’ online student testing system has forced the state to shut down its exams until Thursday.
The state on Wednesday put an extra barrier around the testing system’s server that seems to have curtailed the assault, said Marianne Perie, co-director of the Center for Educational Testing and Evaluation at the University of Kansas.
The attacks, known as a “distributed denial of service,” began March 27, with some overseas sites bombarding the computer server with intense volumes of data that were overwhelming the system, she said.
The state thought it had gotten the problem under control and had a full testing operation running Monday, but then a new assault struck Tuesday from multiple directions, domestic and international.
“It was coming from so many places, it was like whack-a-mole,” Perie said.
The state now has hired a company that is adding protection on the server to assure that incoming traffic is coming from “non-malicious sites,” she said.
Many school districts in the state were reporting problems, either unable to get into the system or having tests interrupted.
The Shawnee Mission School District had 30 schools that were trying to take tests when the system began to fail, said Chief Academic Officer Ed Streich.
“If students were already logged on, their screens went blank,” he said. “Others were getting error messages.”
The state reported that no student information was accessed “in any way.”
Kansas schools are trying out new tests this spring for the Kansas College and Career Ready Standards, which are based on the Common Core State Standards for math and English language arts. The Center for Educational Testing and Evaluation — CETE — is providing the testing service for the state.
In this transition year, the tests are being scored, but they will not be used in determining overall performance or accreditation status. The tests are taken on computer using the Kansas Interactive Testing Engine.
No one has claimed any responsibility for the attacks, Perie said. The Kansas center searched other testing services that are providing online Common Core testing and did not find any other attacks.
“We don’t know if it was two bored teenagers or an anti-testing attack,” Perie said. “We have no information.”
Distributed denial of service attacks — DDoS — are widespread and a constant concern for public and private websites.
According to Arbor Networks’ annual Worldwide Infrastructure Security Report released earlier this year, more than 70 percent of the surveyed data centers reportedDDoS attacks
in 2013, up from 45 percent in 2012.
The size of the attacks tripled, with thelargest attacks
exceeding 300 gigabits per second, up from around 100 per second in 2010.
The testing window for schools to take the assessments opened March 10, and Monday was the busiest day so far, Perie said. The testing window is open through May 16.
The state is asking districts to hold off until Thursday before trying to test again. But the state did invite some schools to do testing Wednesday to check the system, and the site seemed to be working again.
While area districts were expressing patience Wednesday, at least one district in the state — Topeka — is giving teachers the option to suspend further testing.
“We feel our district has made a noble effort to accomplish the task,” Topeka Public Schools Superintendent Julie Ford said in letter distributed Tuesday. “We know many students, teachers and parents are frustrated that the assessment system is not working properly.”
In Shawnee Mission, Streich said that even though this year’s tests don’t count, schools want to practice them for next year and gain insight on how well their students are performing. He said he is confident “we will be able to move forward with the assessments.”
Other districts also reported some frustration — though expressing patience.
“We knew that the state unveiling a new test engine would bring some challenges,” said Olathe Deputy Superintendent Alison Banikowski. “We appreciate our staff and students’ perseverance and patience. We have had many schools complete testing with success and know that those who still are yet to test will complete this task successfully.”
Blue Valley leaders think the technical glitches will be resolved. Several hundred students have already tested, a spokeswoman said, and the district “is pleased with the quality of the test.”
Kansas Education Commissioner Diane DeBacker shared the same optimism in a written statement.
“We’re confident CETE will make the necessary modifications to insure we remain up and running,” she said.