PROVINCETOWN — A cyberattack on the Provincetown IB Schools triggered a shutdown of the schools’ network from Oct. 17 to 28. The network, servers, and Windows computers were affected by what Town Manager Alex Morse called a “security incident.”
According to Morse, students’ Chromebooks and the schools’ cloud-based systems, on which student information and health records are stored, were not affected, so it is unlikely that personal information was stolen. The incident was reported to local, state, and federal law enforcement and an investigation is underway.
Cyberattacks on large networks like schools are rare, said Emily Mandirola, chief operating officer of Penetra Cybersecurity, a company with offices on Cape Cod, but “hacking is on the rise,” she said. These kinds of incidents are becoming more common and the techniques used to create them more sophisticated, she said.
Rick Pinney, the president of Penetra, echoed Mandirola. Referencing a classic email scam, he said, “the Nigerian Prince has retired.”
Pinney pointed to the recent systems breakdown at Stop & Shop that resulted in empty shelves across the Northeast as an example of how easily cyberattacks can disrupt our day-to-day lives (although the Stop & Shop company has not confirmed that it was a cyberattack). It’s hard to visualize a hack, said Pinney, until “you see the results with empty store shelves.”
Details of the incident at the Provincetown Schools are limited, said Morse, because the investigation is not complete. But according to School Supt. Gerry Goyette, the problem first came to staff’s attention when a teacher noticed a computer was acting strangely. “We reached out to our tech department and they said, ‘Oh, that doesn’t sound right,’ ” he said.
Goyette said he thought about seven minutes went by before the system was shut down. But he wondered how much damage might have been done. “You can do a lot in seven minutes,” he said.
After the network was shut down, Goyette said, the school reached out to Blue Mantis, an IT services company, which did a “forensic dive” into the server. They then wiped all the machines that were affected by the hack to ensure there was no remaining malware. “We were replacing the server anyway,” Goyette said. “This just made the timeline happen a lot sooner.”
Goyette said he is now in the process of informing everyone who might have been affected. The Mass. Data Breach Notification Law requires businesses and organizations that are victims of a data breach to alert people if they have information like Social Security numbers, driver’s license numbers, or financial account information on file.
Goyette sent letters to people who met those criteria but said that he also sent letters to people who were mentioned by name at all in the files that were stolen, even if no personal information was in the schools’ network. “If your name was even mentioned in a file they have, I’d want you to know that,” he said. “If this was happening to me, I would want to know.” His letters went out on Nov. 19.
The Provincetown IT Dept. devoted all of its efforts over 11 days to helping the schools remain operational, Goyette said. During that time, administrators, teachers, and students had no access to the internet while at school.
Goyette had one other observation about the experience: while the network was down, he said, “it was nice to see kids without laptops and computers.”
While the source of the hack at Provincetown IB Schools is not known, Pinney said that the method hackers typically use to access networks like this one involves tricking a person on the network into clicking a link or downloading a file. “They say if you can’t hack the computer, hack the human,” he said.
Pinney said that hackers steal information either to commit identity theft or to sell the information to other identity thieves. He said that it can often take a long time for users to realize that a network has been hacked. “Props to the teacher who noticed something weird and actually said something,” he said.
To avoid network shutdowns like the one that lasted 11 days at the schools, Pinney suggested running a “virtual machine,” which emulates the network and backs up all its information, making it easier to recover. It also makes identifying the source of the hack easier because forensic teams have a “before” image of the server to reference.
Cyberattacks that affect individuals are on the rise, too, Mandirola and Pinney both said. These tend to take the form of a phishing email, Mandirola said. Often, hackers send an email that appears to be from a reliable source but upon closer inspection is from a deceptively similar address.
Mandirola noted that there is often a rise in these types of attacks around the holidays, since people are shopping and may be quick to click a link that appears to be from a delivery service or online store.
Pinney said that some hackers prey on people’s fears of identity theft by pretending to be a bank and telling victims their card has been stolen, then saying they need to “confirm” the victim’s credit card details to further investigate the theft, tricking the victim into providing that information.
One of the hallmarks of phishing emails, Mandirola said, is their supposed urgency. “When they urgently need your credit card number,” she said, “that’s one way to know that it’s going to be a scam, because they’re playing on your fears.”
Mandirola said that most hacks are avoidable with a little extra caution. She advises people to set up two-factor authentication on their email to avoid their account being breached and to double-check the addresses on unusual emails to make sure they’re from a trusted source.