FDLE finds no suspect, motive in school testing cyberattack


  • September 16, 2015
  • /   Brandon Larrabee
  • /   community-dashboard

Hacker typing on a laptop

TALLAHASSEE — An investigation into a cyberattack launched earlier this year against the state's computer-testing platform for public schools has ended with no suspects and no apparent motive, according to the Florida Department of Law Enforcement.

The attack came as the state rolled out a new standardized testing platform, a critical part of evaluating student progress and teacher effectiveness in the state. The problems, many said, undermined confidence in the high-stakes testing platform, used to evaluate Florida's schools, determine student promotion and retention and influencing graduation rates.

Graduation rate is one of 16 key metrics in the Studer Community Institute's Metro Dashboard, which is a group of educational, economic and social metrics to track the quality of life in the Pensacola area.

State officials emphasized that the March incident was what is known as a Distributed Denial of Service, or DDoS, attack — which occurs when someone bombards a server with requests to overload it and make it unable to handle legitimate traffic.

"Most importantly, I want to reassure our state's students, parents and educators that, because of the nature of the cyberattack, no student information was accessed and the content of the assessment was not compromised," Education Commissioner Pam Stewart said in a statement issued Wednesday.

The Florida Department of Law Enforcement said 29,000 IP addresses were used in the cyberattack. IP addresses are meant to identify computers on the Internet, though they can be hijacked or spoofed.

"While some of the IP addresses used in this attack were based in the United States, most were believed to be in foreign countries," the agency said. "FDLE did not identify a suspect or a motive for the DDoS attacks."

The investigation appears to close out a stormy chapter in the history of the state's new test, known as the Florida Standards Assessment.

The attack was part of a series of embarrassing technological snags that hampered the spring rollout of the assessment, the latest standardized tests for the state's public schools. The attacks hit the testing platform operated by American Institutes for Research, a non-profit group that signed a six-year, $220 million deal to design the test.

While the attacks were blamed for some of the trouble that students had accessing the test, there were also widespread delays before the computer assault began. The state is pursuing sanctions against the group for the glitches.

As a result of the snafus and a general public uproar about over-testing, lawmakers scaled back tests and required a third-party review of the test before it could be used for accountability measures like school grades and teacher evaluations.

The Florida Department of Education announced earlier this month that the review found the test to be valid.