Tag Archive for: Black

Black Majority Schools Face Alarming Internet Security Risks, Report Finds

/in


There is a large digital divide affecting low-income and Black or Indigenous majority schools, a recent report by Internet Safety Labs (ISL) has found.

Ads and trackers

The report “Demographic Analysis of App Safety, Website Safety, and School Technology Behaviors in US K-12 Schools” explores technological disparities in American schools, focusing mainly on marginalized demographics.

This research expands on ISL’s previous work on the safety of educational technology across the country and is supported by the Internet Society Foundation. It reveals how schools of different backgrounds use technology and the risks involved.

One concerning finding is that websites for schools with mostly Black students were the least safe.

One-third of these schools had advertisements on their websites—a rate much higher than the national average—and 100% of the websites had trackers monitoring visitor behavior.

Privacy or digital divide?

The study also highlights a broader problem: a digital divide in how technology is used in education.

Schools in the lowest income bracket, making between $20,000 and $39,000, were among the least likely to provide their students with computing devices. This limits these students’ experience with technology.

Furthermore, the technology that is recommended or required often poses privacy risks, including apps filled with digital and behavioral ads.

Similar trends were seen for schools with the most American Indian/Native Alaskan students, leading to concerns about how this digital divide impacts students’ learning and their understanding of technology.

What Is The Solution?

The report suggests several actions for schools, school districts, and policymakers.

It recommends eliminating digital ads and tracking devices on school websites.

It also emphasizes the importance of schools being transparent about the technology they use, suggesting they publish a comprehensive list of required technology so students and parents know what’s expected.

Finally, it suggests schools should thoroughly vet all technology they recommend or require for educational use, to ensure it’s safe and appropriate…

Source…

Law Firm Sues MSP Over Black Basta Ransomware Attack

/in


A managed service provider (MSP) has been slapped with a lawsuit by a prominent Sacramento, California law firm alleging that it failed to protect it from a ransomware attack that took down its systems.

The lawsuit, which has generated a significant amount of chatter in the channel community, filed by the law firm Mastagni Holstedt in Sacramento Superior Court, claims that LanTech LLC, a privately-owned Sacramento company, failed to adequately protect it from the attackers.

MSSP Alert has reviewed the complaint in which Mastagni is seeking more than $1 million in damages. The firm employs 42 lawyers.

LanTech owner Terry Berg and backup provider Acronis, a Delaware-based provider, doing business in California, are also named as defendants in the filing. Berg has owned LanTech since its inception in 1994.

The plaintiff alleges that they were forced to pay the attackers, said in the complaint to be Black Basta, an undisclosed sum to regain access to its network. The incident occurred in February, 2023 and the lawsuit was filed last month.

Reached by telephone, a LanTech employee declined to comment and said he knew nothing about the suit. Acronis denied any responsibility for the ransomware attack.

“Our investigation revealed that access credentials may have been compromised outside of our systems and used to delete the firm’s backups and execute a ransomware attack,” the company said in a statement to the Sacramento Bee. “Acronis has not been served with the lawsuit and will not be commenting further on this litigation.”

Black Basta, a Russian-speaking group ransomware-as-a-service crew first detected in 2022, is said to have orchestrated some 300 ransomware attacks that have landed it more than $100 million in bitcoin ransom payments.

LanTech describes itself as a “team of IT engineers with a passion for delivering exceptional service to businesses in the Sacramento region. We specialize in network management and have extensive experience in analyzing, integrating, and maintaining crucial IT systems for our clients.” The MSP lists Microsoft, Dell and HP Enterprise as “partners.”

“Major Outage” Sparks Lawsuit

The lawsuit claims that the plaintiff and LanTech entered into an…

Source…

Free Decryptor Released for Black Basta Ransomware

/in


A vulnerability in the encryption algorithm used by the Black Basta ransomware has led researchers to develop a free decryptor tool.

Active since April 2022, the Black Basta ransomware group employs a double extortion strategy, encrypting the vital servers and sensitive data of their victims and threatening to reveal the sensitive information on their public leak site.

Since the beginning of 2022, the criminal group has received at least $107 million in Bitcoin ransom payments. Over 329 victims have been affected by the ransomware gang, according to the experts.

A free decryptor has been offered by independent security research and consulting company SRLabs to assist victims of the Black Basta ransomware in getting their files back.

How Can the Files Be Recovered?

Researchers claim that if the plaintext of 64 encrypted bytes is known, data may be recovered. The size of a file determines whether it may be recovered entirely or partially. Files with less than 5000 bytes in size cannot be restored. 

Complete recovery is achievable for files ranging in size from 5000 bytes to 1GB. The first 5000 bytes of files larger than 1GB will be lost; however, the remaining bytes can be restored.

“The recovery hinges on knowing the plaintext of 64 encrypted bytes of the file. In other words, knowing 64 bytes is not sufficient in itself since the known plaintext bytes need to be in a location of the file that is subject to encryption based on the malware’s logic of determining which parts of the file to encrypt”, the researchers said.

It is possible to know 64 bytes of plaintext in the correct location for several file types, particularly virtual machine disk images.

Researchers developed various tools to aid in analyzing encrypted files and determining whether decryption is feasible.

The decrypt auto tool may recover files containing encrypted zero bytes. Manual review may be required depending on how often and to what extent the malware has encrypted the file.

Decrypting file with the decryptauto.py tool

Researchers say a magic byte sequence that is not included in the encrypted file is left by the malware at the end. The file only has zero bytes after the tool has finished running….

Source…

Kershaw County School Hit By Black Suit Ransomware

/in


The Kershaw County School District, a prominent educational institution in the USA, has allegedly fallen victim to a cyberattack by the notorious Black Suit ransomware group.

The cybercriminals claim to successfully infiltrated the school’s systems, leading to the unauthorized extraction and subsequent leak of a staggering 17.5 GB of sensitive data.

Magnitude of Cyberattack on Kershaw County School

The Kershaw County School District, accommodating more than 10,500 students and boasting a staff of over 1,000 employees, has become the latest target in a string of cyberattacks plaguing the US education sector.

The Cyber Express team reached out to school authorities for confirmation of the cyberattack. However, at the time of reporting, no official response has been received, casting uncertainty over the legitimacy of the cyberattack on Kershaw County School claims.

Interestingly, the school’s official website remains operational and unaffected, raising questions about the credibility of the Kershaw County School cyberattack assertions.

Kershaw County School cyberattack
Source: HackManac

This cyberattack on Kershaw County School marks a recurring trend in the education sector, particularly K-12 institutions, which have increasingly become prime targets for cybercriminals.

Why Educational Institutions Are Targets

A research report from the Center for Internet Security highlights the vulnerability of public schools in the US to such malicious activities. This revelation follows the closure of two US schools due to recent cyberattacks, further highlighting the severity of the situation.

The Jackson County Intermediate School District (ISD) faced a disruptive ‘system outage,’ prompting the closure of several public schools reliant on its technology services. The outage impacted critical systems, including telephones, classroom technology, and heating facilities.

As investigations into the incident continue, Superintendent Kevin Oxley declared a day’s leave for affected schools in Jackson and Hillsdale counties, aiming to facilitate the thorough detection and resolution of the issue.

In a separate incident, Stanford University, a prestigious research institution, grappled with a cybersecurity breach in…

Source…