Kindergartens and elementary schools struggling to educate children amid sustained coronavirus-induced remote learning can officially add a new woe to their list: hackers.
The U.S. government on Thursday issued a statement warning that criminals are specifically going after schools’ distance-learning programs. And while this fits a well-established pattern, the latest alert from the Cybersecurity & Infrastructure Security Agency (CISA) makes it clear that it’s no longer just colleges and universities that need to be on their guard.
“The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance-learning services,” reads the statement. “Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year.”
Ransomware, which over the course of the past several years has ground businesses and infrastructure to a halt across the globe, works by encrypting a target’s files and demanding some form of payment — often in the form of cryptocurrency — to decrypt those files. That hackers have now moved from corporations to kindergarten, elementary, and high schools likely reflects those organizations’ comparatively lax cybersecurity combined with educators’ increased dependence on digital tools.
With so many working and learning from home thanks to the coronavirus, it follows that schools might be more willing to pay up should they lose access to the tools making remote learning possible.
“In these attacks, malicious cyber actors target school computer systems, slowing access, and — in some instances — rendering the systems inaccessible for basic functions, including distance learning,” reads the CISA alert.
Notably, in a twist reminiscent of the Maze ransomware crew, hackers are doing more than just encrypting target schools’ files.
“Adopting tactics previously leveraged against business and industry, ransomware actors have also stolen…