For cybercriminals, nothing is sacred when it comes to money making exploits. Education is currently the biggest target for ransomware and phishing attacks. The Multi-State Information Sharing and Analytics Center (MS-ISAC), a division of U.S. Homeland Security, released an alert on December 4, 2017, to all K12 school districts. The threat summary is as follows:
“Attackers are using phishing attacks to capture the login credentials of school employees who access their direct deposit paycheck accounts and then using the captured information to change the direct deposit information to load prepaid cards to be used by the attacker. “
The discovered scheme works like this:
There are two takeaways from this new threat. The first is that the attack is mitigated if your Microsoft Office is fully patched as the threat takes advantage of a vulnerability within the MSO preview feature. Keeping your systems fully patched is one of the most effective ways to counter a majority of cyber attacks.
The other takeaway is this: school districts are easy targets! This is due to small IT staffs that are consumed with tickets, troubleshooting and maintenance and don’t have the time or in many cases, the knowledge base to enforce cybersecurity. According to an education publication, The Journal, it takes K12 organizations 221 days to identify a breach and 83 days to contain it, compared to 155 days and 34 for the financial industry.
School districts often have more information on people than most businesses. Hackers target school districts to breach their information systems to steal personal information of students and staff such as social security numbers and tax information. In some cases, it may take years for the victims to learn that their personal information has been compromised. Data on teenagers is particularly attractive to hackers who are patient enough to wait until these students begin to establish credit later in life. A number of schools have been targets of ransomware attacks, schools are excellent targets since so many schools are now completely dependent on technology for classroom instruction. Schools even have to worry about attacks from students who attempt to alter grades, steal tests, and implement DDoS attacks in order to disrupt online testing.
Because school districts are considered such weak targets, they are sometimes used as a means to break into other government institutions. Last October, a hacking group breached four Florida school districts in an attempt to breach other sensitive government systems including the state voting systems.
Considering the weak security reputation of school districts, it should be no surprise that there were 445 security incidents in the education sector last year according to the 2017 Verizon Data Breach Investigation Report. What is surprising is the results of a recent survey conducted by the Consortium for School Networking (SoSN) and the Education Week Research Center. The results of the survey point to a relaxed attitude amongst school technology leaders. According to the survey, only 15% reported having implemented a cybersecurity plan in their own district. Some of the results included:
Just as school districts have recognized the value of integrating technology in the classroom, they also need to begin acknowledging the vulnerability of the digital world. Don't let hackers walk through the front door of your school. Failing to secure every device that connects to the school's network provides the ultimate open space for hackers.
Are you an IT professional at a school, that wants to ensure sensitive school, student, and staff data and devices are protected? Talk to a specialist or Email us at firstname.lastname@example.org with any questions.
Sign-up for email updates...