As a result of Cyberattacks, several school systems have had to delay the new school year. In September of 2020, attacks in Hartford, Conn. and Clark County, Nev. forced postponements, and security experts say that this is just the beginning as more students head back to the classroom.
Hartford’s ransomware attack caused an outage of several systems, including the software that delivers real-time information on bus routes. That led school leaders to delay the first day of classes.
According to Heather Paunet, senior vice president of product management at Untangle, “In 2020, schools are facing more complex cyber-threats as the need for data, monitoring and contact tracing become key factors in students returning to in-person classes.”
“The other side of the coin is that many schools are beginning the year remotely, meaning that students will have longer periods of time where they are connected to the internet, and being a possible point of access. Managing student data and network access will be essential in both cases.”
Global cybersecurity software provider Armor has also identified 17 U.S. school districts and colleges that encompass 284 schools that have been victimized by ransomware between January 1st and April 8th of 2020. Of the 17 school districts victimized, 15 have not disclosed whether they paid the ransom, while two refused to pay. Four of the schools reported the strain of ransomware used to attack them. The malware strains involved included Sodinokibi, Ryuk and Maze ransomware.
These attacks are not limited to schools. Municipalities, healthcare organizations, managed service providers and cloud-based service providers have also been victimized.
What is Zoom-Bombing?
In addition to ransomware, schools and students now face several threats as students return to learning during the global Coronavirus pandemic. One of the more prevalent threats is Zoom-bombing, a trend that began early in 2020 as coronavirus lockdowns led to a massive spike in the use of videoconferencing software. These attacks consist of a hacker gaining access to the dial-in information and “crashing” a Zoom session – often sharing adult-themed or otherwise disturbing media.
In one case, a 14-year-old boy from Park Ridge, Ill. was accused of sharing login information for remote classes at a high school, which resulted in Zoom-bombers hijacking remote classes during the first week of school from August 25th through August 27th. In another case, a man was arrested after Zoom-bombing an online lecture conducted by the University of Houston and making bomb threats.
To combat this, Zoom instituted two-factor authentication (2FA) as a way for teachers and students to secure their accounts. The company hopes the feature will stop hackers from penetrating video conferences, one of the main security issues that have plagued the service and even inspired lawsuits against the software maker since its marked increase in popularity during the COVID-19 pandemic.
What Are Some Other Back to School and Back to Work Scams?
Another common back-to-school scam that can be exploited with the surge of virtual learning is email phishing campaigns. In 2019, researchers discovered that students at hundreds of universities all over the world were being targeted with phony phishing emails, which contained attachments or links to fake university login portals or mimicked university library administration login pages.
How Can You Secure Your Virtual Learning or Remote Working Environment
Sadly, many school districts still haven’t woken up to the reality of ransomware attacks. Many are either ignorant of the threats or living in denial. For those who seek to be proactive in combating potential threats, here are some simple, but effective suggestions to consider:
Backup Your Data
Prepare for the worse! In this modern digital environment, expect that eventually you will be the victim of an attack. That’s why having backups is crucial. Store backups offsite so they won’t get infected if a ransomware attack hits your school or business.
Implement a Strong Identity Management Strategy
We can no longer rely on traditional firewalls and virtual private networks. Seek out and implement a strong 2-factor identification strategy with all the applications and software you employ. Proper identity management of users, including proper lifecycle management, authorization and authentication is of vital importance.
Automating your systems can also help IT departments save time and stay ahead of detecting and preventing hacks. Suppose someone on your school or company’s IT team is babysitting the network every day. In that case, you’re going to miss the times that parents, students or private employees have access issues or want to experiment with new applications or tools. So, if your IT team is focused only on the network’s traffic, they may miss a preventable event, like uploading a malicious program or opening a compromised file.
Scan and Wipe
Employ the use of software to scan for personally identifiable information. TThis will find sensitive and high-risk information, such as social security numbers and health records, and ensure that the data is stored in the network’s most secure place. IT teams can also utilize tools that identify misconfigurations and vulnerabilities. As more companies and school districts distribute devices to students and employees, they’ll need a remote wipe mechanism, perhaps a program that comes with mobile device management solutions. Remote wipe software tracks where devices are and erase the data stored on those devices remotely if they are stolen or lost.
If you are still having trouble, consider contacting remote technical support options.