Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Schools. Show all posts

Fortifying Cybersecurity for Schools as New Academic Year Begins

 

School administrators have received a cautionary alert regarding the imperative need to fortify their defenses against potential cyberattacks as the commencement of the new academic year looms. 

The National Cyber Security Centre has emphasized the necessity of implementing "appropriate security measures" to safeguard educational institutions from potential threats and to avert disruptions.

While there are no specific indicators of heightened threats as schools prepare to reopen, the onset of a fresh academic term underscores the potential severity of any cyberattacks during this period. 

Don Smith, the Vice President of the counter-threat unit at Secureworks, a cybersecurity firm, has highlighted the current transitional phase as an opportune moment for cybercriminals. He pointed out that the creation of new accounts for students and staff, as well as the school's approach to portable devices like laptops and tablets, can introduce vulnerabilities.

Smith explained, "Summer is a time when people are using their devices to have fun, play games, that sort of thing. If you've allowed teachers and pupils to take devices home, or let them bring their own, these devices may have picked up infections and malware that can come into the school and create a problem."

Last September, six schools within the same academy trust in Hertfordshire suffered internal system disruptions due to a cyberattack, occurring shortly after the new term had started. 

Additionally, just recently, Debenham High School in Suffolk fell victim to a hack that temporarily crippled all of its computer facilities, prompting technicians to work tirelessly to restore them before the commencement of the new term.

Schools are generally not the primary targets of concentrated cyberattack campaigns, unlike businesses, but they are considered opportunistic targets due to their comparatively less robust defenses. 

Don Smith emphasized that limited budgets and allocation priorities may result in schools having inadequate cybersecurity measures. Basic digital hygiene practices, such as implementing two-factor authentication and keeping software up to date, are crucial for safeguarding vital data.

Moreover, it is imperative for both students and teachers to be regularly educated about cybersecurity threats, including the importance of strong passwords, vigilance against suspicious downloads, and the ability to identify phishing attempts in emails. Mr. Smith noted that cybersecurity is no longer solely the responsibility of a small IT team; instead, all users are on the frontline, necessitating a general understanding of cybersecurity fundamentals.

A recent study revealed that one in seven 15-year-olds is susceptible to responding to phishing emails, especially those from disadvantaged backgrounds with weaker cognitive skills. Professor John Jerrim, the study's author, emphasized the need for increased efforts to help teenagers navigate the increasingly complex and perilous online landscape.

The National Cyber Security Centre, a division of GCHQ, has previously issued warnings regarding the growing prevalence of ransomware attacks targeting the education sector. Ransomware attacks involve criminals infiltrating a network and deploying malicious software that locks access to computer systems until a ransom is paid. Although ransomware attacks temporarily declined during the first quarter of 2023, they have been steadily increasing since then.

SonicWall, a cybersecurity company, emphasized that schools, being repositories of substantial data, are attractive targets for hackers pursuing financial and phishing scams. As schools rely more heavily on internet-based tools in the classroom, they must prioritize cybersecurity, both in terms of budget allocation and mindset, as the new school year approaches.

In response to these concerns, a spokesperson for the Department for Education affirmed that educational institutions bear the responsibility of being aware of cybersecurity risks and implementing appropriate measures. This includes establishing data backups and response plans to mitigate potential incidents.

"We monitor reports of all cyberattacks closely and in any case where there has been an attack, we instruct the department's regional team to offer support," they added. "There is no evidence to suggest that attacks like this are on the rise."

Surge in Ransomware Attacks: Hackers Set Sights on Schools

 

With the growing dependence of educational districts on technology for their operations, the occurrence of cyberattacks on K-12 schools is on the rise.

In the year 2023, there have been ransomware attacks on at least 48 districts, surpassing the total number recorded in the entirety of 2022. This data comes from Emsisoft, a cybersecurity firm. Of these attacked districts, all but 10 of them had their data stolen as well, as per the findings of the cybersecurity company.

The previous year saw ransomware attacks on educational institutions in the United States, including schools and colleges, resulting in nearly $10 billion in costs due to downtime alone.

The mechanics of these attacks are as follows: Hackers, frequently associated with Russia and China, employ network-encrypting malware to pilfer data. They achieve this by enticing unsuspecting teachers or school administrators to click on infected emails or attachments.

Once the virus gains access, it bars entry to the entire system's data, encompassing sensitive information like social security numbers, financial records, and confidential student data. To add leverage, the hacker often threatens to expose this information online unless they receive payment in cryptocurrency.

Comparitech's Editor and Consumer Privacy Expert, Paul Bischoff, highlighted the heightened vulnerability of schools due to the imperative nature of attendance. The regular functioning of the school system and the contentment of parents are jeopardized if children are forced to stay out of school for extended periods due to cyberattacks.

Bischoff clarified that hackers generally target fundamental information like names, addresses, and email addresses. While these details might not have an immediate monetary impact on students, they render them susceptible to future attacks, whether from sexual predators or thieves.

Recently, the Cleveland City School District identified ransomware on some of its devices. Thanks to proactive measures such as system backups, the level of disruption was contained.

However, there have been instances where other school districts weren't as fortunate. One Connecticut school district suffered a loss exceeding $6 million due to a cyberattack, although they have managed to recover roughly half of that amount.

In a notable case in March, ransomware groups made public 300,000 files after Minneapolis Public Schools declined to pay a $1 million ransom. These leaked files contained sensitive information about student sexual assaults, cases of psychiatric hospitalization, abusive parents, and even suicide attempts.

According to data from Comparitech, the year before saw 65 ransomware attacks affecting over 1,400 educational institutions, impacting around one million students. Although some hackers demanded ransoms ranging from $250,000 to $1 million, many schools refrain from disclosing ransom details due to concerns about attracting further attacks.

In a bid to address the issue, the White House organized its inaugural "cybersecurity summit" earlier this month.

Bischoff emphasized the necessity of training school staff to recognize phishing emails and other potential hacker entry points. He also advised ensuring that antivirus software is kept updated and that data is regularly backed up. He added that storing these backups off-site can safeguard them against ransomware attacks.

Schools: Prime Targets for Hackers Amid Poor Cybersecurity and Ransom Payments

 

New data indicates that school districts have become highly susceptible to online exploitation, emerging as the primary target for hackers. According to a recent global survey conducted by the British cybersecurity company 

Sophos, a staggering 80% of schools experienced ransomware attacks last year, representing a significant increase from the 56% reported in 2021. This doubling of the victimization rate over two years has led researchers to label ransomware as the most significant cyber risk faced by educational institutions today.

Comparing various industries, schools fared the worst in terms of victimization rates, surpassing even sectors like healthcare, technology, financial services, and manufacturing. 

The survey, which included responses from 400 education IT professionals worldwide, revealed that United States institutions are particularly attractive targets for hacking groups, especially since the events surrounding Russia's invasion of Ukraine.

Two factors have made schools especially vulnerable to cyber threats in the United States. First, the cybersecurity measures in educational settings often lag behind those in major businesses, such as banks and technology companies. Second, schools prove to be easy targets for exploitation due to their willingness to pay ransoms. 

Last year, nearly half of the attacks on schools resulted in ransom payments, further enticing threat actors. Unfortunately, this combination of weak defenses and a readiness to pay has made schools a "double whammy" for hackers, according to Chester Wisniewski, the field chief technology officer of applied research at Sophos.

The motivation to pay ransoms seems to be influenced by insurance coverage. In districts with standalone cyber insurance, 56% of victims paid the ransom, while those with broader insurance policies covering cybersecurity saw a payment rate of 43%. Insurance companies often cover ransom demands, giving them significant sway over which districts comply with the extortion demands.

Elder, a school representative, acknowledges the difficult decisions schools face when dealing with ransomware attacks. While it is essential to safeguard confidential information and protect people, the pressure to manage resources and finances can make the choice challenging.

Ultimately, the data suggests that schools must prioritize and strengthen their cybersecurity practices to avoid falling prey to hackers and ransom demands. 

Relying on insurance alone may not provide a comprehensive solution, as hackers continue to exploit vulnerabilities, and insurance companies struggle to keep pace with evolving threats.

Educational Institutions Under Attack: Ransomware Criminals Leak Students' Sensitive Data Online

 


School documents containing confidential information have been stolen by ransomware gangs and dumped on the Internet for free. Students are described as being sexually assaulted by other students, hospitalized due to mental health problems, abused by their parents, and even attempting suicide. 

In today's data-driven economy, our personal information is constantly sent to websites and organizations to automate, transfer, and verify certain processes. Much of this information or data is confidential or private. This includes medical information, financial documents, and personal records such as an address, and may contain sensitive or confidential information. 

In the case of primary schools and universities, schools, and universities are often required to hold large databases of information about their students. These institutions usually maintain large databases of information about their students. 

Unfortunately, as useful as these databases are for automating processes and maintaining records for schools, this trove of information makes these databases big targets for a data breach. 

As a result of the recent cyberattacks, more than 300,000 files, containing the entire case files for sexual assault cases, were leaked onto the net. There was a ransom demand of $1 million put forward last week by Minneapolis Public Schools, a district with 36,000 students. Furthermore, the data exposed also included medical records, discrimination complaints, Social Security numbers, and contact information for district employees. In addition, it included their medical history. 

Due to financial constraints, districts are ill-equipped to defend themselves. However, they have responded diligently and transparently when attacked, especially as they struggle to provide the finest education for their students and negotiate an ever-shrinking budget. 

Despite the administrators' promise to inform affected individuals months after the shocking attack in Minneapolis, they have not done so far. The federal government does not require schools to notify parents in the same way that it does hospitals.

As a result of the exposure of the case files of six students accused of sexual assault, the Associated Press reached out to their families. This was the first time they had been alerted to the danger by someone other than a reporter. 

The term "school data breach" refers to the access or misuse of confidential or sensitive information within a school's computer network by a malicious internal user or an external attacker when they gain unauthorized access. Occasionally, these third parties will be able to get their hands on data that they should not be obtaining by accident. This type of incident is usually caused by an internal user viewing data that should not normally be accessible to them. This is because they are not entitled to access it. Even if the data is not removed, this breach is considered a security breach, as it bypasses security measures. 

Despite this, schools are less concerned about these types of breaches than malicious ones, which are a higher priority. There are more of them than you would think, and they are quite common. More than 40,000 security incidents occurred over two years in 2021, according to Verizon. A total of more than 2000 opportunities were leaked from this number, which was an unacceptable level of privacy violation for users and companies. 

Oftentimes, ransomware attacks are caught in the middle of a school's operation, but the data is generally lost. The Los Angeles Unified School District decided to do exactly that last Labor Day weekend in observance of the holiday. Despite this, more than 1,900 former students' private records including psychological evaluations, medical records, and other information were leaked online as part of an ongoing investigation. The district revealed the full extent of the breach to the public in February, noting that this breach involved three decades of data and that notifying victims is a complex process. 

In the real world, ransomware attacks on schools have no lasting impact on closing schools, recovering from the damage, or even causing the cost of cyber insurance to soar. In light of the AP's discovery that private information had been posted on the open internet and dark web, staff, students, and parents have been traumatized. 

San Diego, Des Moines, and Tucson, Arizona, are a few of the other large districts recently affected by data theft. There is no certainty about the severity of these hacks. However, it has been criticized that all the companies affected by ransomware are slow to admit they have been infected. Also, they hesitate to let victims know when they have been notified - or both. 

Schools and universities are at risk of losing sensitive student information as well as their finances as a result of institutional data breaches. It is important to stress however that in many cases, even if an organization took appropriate security precautions to prevent a data breach, their reputation can take a hit because of the breach. In some cases, this may be more of a concern for companies and financial institutions. However, reputation is still incredibly significant for schools attempting to protect their students' information. 

The threat of hackers targeting universities may seem more logical to many. However, even for K-12 schools, numerous cybersecurity risks should still be considered. As reported by NBC News, over 1200 K-12 schools have been impacted by hackers who have stolen their students' data and then posted it online through ransomware. Even though younger students may not be able to access their own banks or social media accounts, personal data leaks pose all the same risks as those involving older students. Students may have to deal with the consequences of security breaches affecting their personal information and social security numbers for years after the events are over. The consequences of this are numerous down the road.   

Data Breaches in Schools: What Are The Possible Causes?

Email Mishaps 

There is plenty of reasons why attackers target schools because, in today's modern world, many schools and libraries insist on students creating online accounts to access information. There is no doubt that the convenience of having such accounts is tremendous. However, unfortunately, these accounts contain information that can be abused and exploited by others. A common way in which educators communicate with their students is through mass emails containing information about upcoming tests or events. As more users adopt this type of broadcasting mode, hackers will be able to target a large quantity of storable information in a short amount of time. 

Phishing Attacks 

The use of phishing attacks as another method of stealing data from schools is a common cause of data breaches. Various types of phishing attacks can be committed. This kind of email can be classified as spam containing links to a malicious program from within it or containing malware. School administrators have no choice but to warn their students to be vigilant and read the contents of emails carefully, so that they remain vigilant. Also, before clicking on any link, they should check if the sender is someone they have a good relationship with and that they trust. 

Students can also suffer from phishing attacks when using banned or insecure websites. In most cases, the websites are filled with untrustworthy hyperlinks that could contain malware, but they can even infect your data even before you even click on the URL to go to another website.

Intentional Liabilities 

In less common situations involving a student taking unethical actions that lead to an intentional data breach, such as a student committing unethical behavior. Although it is unfortunate, it is possible that a student may feel slighted by the institution by a data breach and this can result in damage to the institution's reputation as a whole. 

Human Error

It is necessary to recognize that, sometimes, human error can lead to easy access by hackers, which is more common than organizations might wish, unfortunately. In many cases, however, schools and universities are not investing enough time and money into preventing the leaks of sensitive data, which could be prevented with enough training and resources to prevent the types of breaches that are happening right now. 

After school systems become the victim of ransomware attacks, criminals turn to a distressing tactic to extort money by releasing the files of children's school accounts onto the internet under the name of ransomware. Currently, a disturbing trend is developing among students that threatens their privacy and security. Considering the incident, educational institutions should take proactive measures to safeguard sensitive student information from malicious hackers. They should also strengthen their cybersecurity defenses to protect sensitive data from being exposed to the public.

Cyberattack Compels Albuquerque Public Schools to Close 144 Schools

 

Following a cyberattack that attacked the district's attendance, communications, and transportation systems, all 144 Albuquerque Public Schools are closed for the remainder of this week, according to APS's announcement on mid-day Thursday. 

APS is one of the 50 largest school districts in the country, with around 74,000 students. 

District IT staff discovered the problem on Wednesday, and APS posted a statement on its website and Twitter account that afternoon stating, “All Albuquerque Public Schools will be closed Thursday, Jan. 13, due to a cyberattack that has compromised some systems that could impact teaching, learning, and student safety. … The district is working with contracted professionals to fix the problem.” 

"The district continues to examine a cyberattack that affected the student information system used to take attendance, contact families in emergencies, and ensure that students are picked up from school by authorised people," APS stated online on Thursday afternoon and cancelled classes for Friday. 

APS said it will reopen schools on Tuesday, Jan. 18, after being closed on Monday for Martin Luther King Jr. Day, specifying that administrative offices stayed open. The attack was detected Wednesday morning when instructors attempted to enter onto the student information system and were unable to obtain access to the site, according to APS Superintendent Scott Elder in a brief statement uploaded to the district's APS Technology YouTube page. 

Elder further stated, “APS is working with local and national law enforcement as well as teams of cyber specialists to as quickly as possible limit our exposure to this attack, to protect all systems in our network and ensure a safe environment to return to school and business as usual.” 

He noted that the district's IT department had been "mitigating attacks" in recent weeks. A spokeswoman told the Albuquerque Journal she was sceptical about what kind of attack it was and said she didn’t know whether those responsible had demanded a ransom.