Cyber specialist weighs in on TN Ready glitch
The Tennessee Department of Education (TDOE) says the testing system was "deliberately attacked" Tuesday. It kept students from logging in and submitting their tests.
It's been three days since TN Ready testing launched for the year. On Wednesday, Hamilton County students finally got to take the test after two days of setbacks.
The Tennessee Department of Education (TDOE) says the testing system was "deliberately attacked" Tuesday. It kept students from logging in and submitting their tests. TDOE says the testing system was designed to mask and protect student information, and they say that's exactly what it did during the attack.
But Channel 3 wanted to know how an attack like this could happen so we took our questions to a cyber specialist.
"Attacks on the Internet are happening every day and organizations that have an Internet presence are constantly defending against the many types of attacks that occur," said Shareholder and Head of Information Security at LBMC, Mark Burnette. LBMC has offices in Chattanooga, Nashville and Knoxville, but they also serve international customers.
Burnette says his two children were among the hundreds of thousands of students who were unable to log in or submit their TN Ready tests this week. Based on the information the state has released so far. Burnette says an attacker may have compromised the system by using what's called password spraying.
"The attacker could launch coordinated attacks guessing at what passwords work for particular accounts and the system would be busy trying to determine whether or not the attempts were authorized. That could potentially have caused the slowness in the system that was seen yesterday," said Burnette.
Burnette says the hacking technique eventually causes a "denial of service attack."
"What happens then is that the website is so busy dealing with the bogus requests that came from the attacker that it’s having a difficult time handling the legitimate request at the same time, and so that’s definitely a possibility that we can’t rule out until we get more information from Questar."
There are many reasons why systems are attacked. Gaining access to personal information is one of them, but Burnette says that's unlikely with state officials saying the system shut down during the attack to protect student data.
"It could potentially be to undermine the credibility of the testing system which could potential he cause lawmakers and others to shine a microscope on the testing environment and want to make changes to it," said Burnette.
Tim Hensley, a spokesperson for Hamilton County schools says students do not use their social security numbers that he is aware of. He says a randomly-generated username and password is sent to schools and assigned to each student who takes the test. It's not clear if the state or Questar creates those usernames and passwords.
Channel 3 did reach out to Questar, which is the company that supplies the TN Ready tests. Here's their statement:
"At approximately 8:45am, CT Questar became aware of an issue that prevented students from logging on to or submitting tests. At this time, we are investigating the cause. Initial findings indicate it is external to our online delivery platform. We are working with our hosting vendor to determine the root cause and have taken necessary measures to allow students to resume successful testing. At this time, testing has resumed."
Stay with the WRCB app for updates to this story.