The Florida Department of Law Enforcement has closed its six-month-old investigation into a cyber attack during Florida Standards Assessments testing this spring. The agency isn’t saying who tried to shut down testing by overloading servers, or why.
But law enforcement officials said no personal student data was accessed during the attack.
FDLE said they found more than 29,000 Internet addresses were used to swamp servers run by test contractor American Institutes for Research. Some of the addresses were in the U.S., but most were believed to be foreign.
Education Commissioner Pam Stewart thanked the agency for a quick response.
“I want to reassure our state’s students, parents and educators that, because of the nature of the cyber-attack, no student information was accessed and the content of the assessment was not compromised,” Stewart said in a statement. “I am pleased that the additional safeguards were effective, and we will continue working with AIR to ensure they have all of the necessary protections to provide for a smooth testing experience this year.”
The attack was what’s known as a distributed denial of service, or DDoS. Hackers use a coordinated network of computers to access a web site many, many times simultaneously. The surge in fake traffic prevents other users from accessing the site — as happened to students trying to complete the Florida Standards Assessments.
The attack briefly shut down testing this spring until AIR was able to quarantine the DDoS attack.
Such attacks during testing are becoming more common. Kansas had to throw out results from the trial run of its latest exam after hackers disrupted testing.