Tag Archive for: SCHOOLS.

Schools Are a Top Target of Ransomware Attacks, and It’s Getting Worse

/in


Ransomware and other cyberattacks on K-12 schools are increasing, especially as districts lean further into technology use for teaching, learning, and other school operations.

Eighty percent of school IT professionals reported that their schools were hit by ransomware in the last year, according to a global survey of 3,000 IT/cybersecurity leaders conducted by cybersecurity company Sophos between January and March. That’s up from 56 percent from the 2022 survey.

School IT professionals were also more likely to report that they’ve experienced ransomware attacks than IT professionals from other industries, according to the survey, which included responses from 200 IT professionals from the K-12 sector.

“Given the resource challenges facing schools, we’ve accumulated a lot of sort of technical debt that is going to make better defending school communities from these threats a challenging endeavor,” said Doug Levin, the national director of the K12 Security Information Exchange, a nonprofit focused on helping K-12 schools prevent cyberattacks.

In a ransomware attack, cybercriminals break into a district or school’s network and take data and encrypt it, preventing the district from accessing the data. Attackers will decrypt and return the data if the district or its insurance company pays a ransom. Attackers typically threaten to release student and employee data to the public if they aren’t paid.

For instance, after a ransomware attack on Los Angeles Unified last year, hackers published highly sensitive mental health records of current and former students. And after a breach at Minneapolis Public Schools in March, a cyber gang published files detailing campus rape cases, child abuse inquiries, student mental health crises, and suspension reports, according to The 74.

Guidance from the FBI and the federal Cybersecurity and Infrastructure Security Agency discourages paying the ransom because it doesn’t guarantee that the data will be decrypted or that the systems will no longer be compromised. Paying the cyber criminals also encourages hackers to target more victims.

But the question of whether or not to pay ransom does not always have a simple answer, especially for school…

Source…

Cleveland City Schools reports ransomware attempt on devices

/in


CLEVELAND, Tennessee (WDEF) – Officials with the Cleveland City Schools say they are working on a ransomware case involving system devices.

They became aware of the attack on Tuesday.

In a statement, officials say less than 5 percent of their school devices were actually affected and none of them are student devices.

And they do not believe any personal information has been compromised.

“We want to assure you that sensitive information, including PowerSchool data, is secure off-site.”

The school system is continuing to check to see if any data has been removed from the system, but, so far, they have not found any missing data.

Source…

Biden-Harris Administration Launches New Efforts to Strengthen America’s K-12 Schools’ Cybersecurity

/in


Biden-Harris Administration is announcing new actions and private commitments to bolster the nation’s cyber defense at schools and protect hard-working American families

Administration leaders, school administrators, educators, and education technology providers will convene at the White House to discuss how to strengthen the nation’s schools’ cybersecurity amidst growing ransomware attacks

The United States has experienced an increase in cyberattacks that have targeted the nation’s schools in recent years.  In the 2022-23 academic year alone, at least eight K-12 school districts throughout the country were impacted by significant cyberattacks – four of which left schools having to cancel classes or close completely.  Not only have these attacks disrupted school operations, but they also have impacted students, their families, teachers, and administrators.  Sensitive personal information – including, student grades, medical records, documented home issues, behavioral information, and financial information – of students and employees were stolen and publicly disclosed. Additionally, sensitive information about school security systems was leaked online as a result of these attacks. Today, Secretary of Education Miguel Cardona and Secretary of Homeland Security Alejandro Mayorkas, joined First Lady Jill Biden, to convene school administrators, educators and private sector companies to discuss best practices and new resources available to strengthen our schools’ cybersecurity, protect American families and schools, and prevent cyberattacks from disrupting our classrooms.

According to a 2022 U.S. Government Accountability Office report, the loss of learning following a cyberattack ranged from three days to three weeks, and recovery time can take anywhere from two to nine months.  Further, the monetary losses to school districts following a cyber incident ranged from $50,000 to $1 million. That is why the Biden-Harris Administration has had a relentless focus on securing our nation’s critical infrastructure since day one, and continues to work tirelessly to provide resources that enable the U.S.’s more than 13,000 school districts to better protect…

Source…

St. Landry Parish Schools, La. Hit By Ransomware

/in


(TNS) — Hackers last week initiated a ransomware attack on St. Landry Parish Schools, according to authorities.

Superintendent Milton Batiste III confirmed that the school fell victim to a cybersecurity attack July 25; a staff member notified the board’s supervisor of technology, Byron Wimberley, Batiste said.

“Once he did investigate, he did notice it was some kind of spyware,” Batiste said.


Batiste said he does not know where the security failures originated from but he is currently working with Louisiana State Police, which is investigating.

Batiste said he notified staff that used suspected compromised devices but has yet to notify parents about the attack. He said if it is confirmed that student or parental information was stolen, they will begin to notify the parents.

“If you see anything suspicious or emails from a source that is not recognizable, let us know so our computer tech personnel can look into it,” Batiste said, “The good thing is that we don’t have a lot of employees that were utilizing devices, so it was restricted to central office staff.”

It is unclear how much and what kind of data may have been obtained in the attack. A source did provide screenshots of data that is available on the group’s dark web blog page. The data include a check made out for $57, a 2021 certificate for a training course, an education disability claim form, communications with an insurance department, and publicly available teachers’ salaries.

St. Landry Parish Schools fell victim to a previous cyber attack in 2020.

Brett Callow, a threat analyst for Emsisoft, a New Zealand cybersecurity solutions company, posted a Twitter thread Monday showing a photo of the ransomware groups dark web blog. It says that St. Landry Parish School Board has a week to pay the group before the data is leaked. The group is asking for a $1 million ransom to delete the data they stole.

He said the ransom was issued less than 24 hours ago. Callow said hacker groups typically find their way into systems through unpatched internet facing servers or through compromised login credentials that were leaked in data breaches or obtained through unsecured…

Source…