Schools hacked

Hackers, Malware Seek to Exploit Students.

It was bound to happen in the long run. There are always those who seek to exploit the most vulnerable among us. We’ve heard about scams that exploit ageing seniors: through social engineering, scammers request bank account information or ask the unsuspecting for money transfers.

This time they are targeting our kids. Over the last few months, perpetrators have hit schools with high-profile attacks.

The notorious hacker group Dark Overlord is the culprit in a few of these attacks. Dark Overlord has attacked corporate enterprises like Netflix, releasing its programs without authorization. The group also infected a cancer agency with ransomware and threatened to damage the agency’s reputation by going to patients and donors if a ransom wasn’t paid.

This time, Dark Overlord hacked a school district in Iowa. They found student contact information and sent menacing texts to parents.  

“I’m going to kill some kids at your son’s high school”, said one text. Another perverse text read, “Your child is still so innocent, don’t have anyone look outside”. Later, the hackers dumped student personally identifiable information on public forums. The group took credit by claiming, “With the student directory from JCSD we released, any child predator can now easily acquire new targets and even plan based on grade level”.

In a separate incident, a Mississippi school district was a target of CryptoRansomware. The school's lab computers, internet connectivity and website became unusable.

The district scrambled to provide incident response services, contain the threat, clean off the disk images, and get technology-based instruction online again. The incident put a halt to teaching operations.

In addition to regular security hygiene such as patching systems and training, there are ways schools can reduce the likelihood of these types of attacks. Schools have an insider threat problem: students are curious beyond the regular curriculum, and they browse to infected sites or open emails or applications that carry malicious code. Deploying effective web filters with malware avoidance technologies is one way to reduce the threat. Blocking access to high-risk domains and content is a measure against opportunistic attackers. Applying rules that block known or suspected infected sites provides another layer. These are a few critical controls that provide at least an ounce of prevention against much more expensive cures.

For more than 20 years, ContentKeeper has delivered comprehensive, accessible web security solutions for global enterprises, educational institutions and government agencies. We enable our customers to protect their networks, users and data from cyber threats while embracing mobile technology, Internet of Things (IoT) and cloud-based services. 

About the author: Paul Hafen is an 18-year veteran of the cybersecurity field. He’s co-founder of a security firm and has worked with hundreds of organizations on security projects. A blogger with an emphasis on malware and data loss topics, he researches and reports on the latest vulnerabilities and attacks for ContentKeeper.