When the Public Sector IT leadership is taking a stand against paying ransom, the attacks have changed to steal money, instead of holding hostage. Even though Backup is essential and a lot of value against cyber-crimes, it cannot be the primary (or only) protection against cybercrimes. It is one of the tools in the arsenal to manage the impact of a malware (especially ransomware).
Hackers have stolen $800,000 from Cape Code Community College via phishing attack and malware. The phishing email disguised as coming from another college. The attachment had a polymorphic virus attached. The hackers apparently setup fake bank accounts and fraudulently transferred money. The bank suspected and stopped a few of those transfers.
In the recent months, there have been multiple attacks on Community Colleges, Medium-sized Universities, Educational organizations, K-12 School Districts, in addition to crimes on local governments.
- The attackers have stolen $1.4 million from multiple accounts belonging to Connecticut Higher Education Trust (CHET).
- The hackers have brought down the operations at Northcentral Technical College in Wisconsin for many days resulting in weeks of cancelled classes.
- Monroe College and Hamilton College in New York.
- New Jersey Public School district has lost over $200,000 to a cybersecurity incident.
- Rockford School District 205 is still trying to rebuild their IT infrastructure and in the process of restoring internet, phones and emails after the cyberattack on Sept 6th, 2019.
- The Flagstaff Untied School District in Arizona had the same cyberattack that Rockford 205 had and were closed for a couple of days.
- Oberlin College in Ohio and Grinnell College in Iowa.
- Rockville Centre School District in Long Island ended up paying $88,000 for restoring access to their systems.
- An attack cost a Texas district about $2 million.
- Cyberattacks in school systems in Idaho, Louisiana, New Jersey and Texas cost those districts between $300,000 and $988,000.
- Prince George’s County public schools in Maryland had their staff’s personal data stolen.
The above map shows incidents reported since 2016. However, K-12 cybersecurity incidents reporting is incomplete and only captures a small fraction of incidents experienced. Additionally, the mandatory cybersecurity incident reporting requirements varies across states.
Video explaining Malware Attacks on Schools
122 reported cyber-attacks in 2018.
419 reported incidents since 2016.
Estimated 10-15 times more that haven’t been reported.
US DoE: K12 schools are susceptible to ransomware cyber-attacks
The US Department of Education (DoE) has issued an alert specifying that almost all K12 schools are extremely vulnerable to hackers.
DoE learned that more than 60% of schools targeted by hackers choose to pay a ransom, discouraging the schools from paying a ransom. Instead, she is asking the IT staff to come up with a business continuity plan by seeking data continuity measures.
The advisory also insists on carrying security audits to identify weakness and asks to update/patch vulnerable systems. The alert asks all K-12 schools to take up audit logs from time to time and to track suspicious activity in order to avoid any untoward situation in near future. Training staff and students on data security best practices and creating an awareness of phishing and social engineering attacks are also being encouraged by DoE.
Paying ransom is funding the enhancement and sophistication of Cyberattacks.
Moody’s Investors Service reports that the Cyberattacks on higher education institutions are on the rise. The credit rating agency characterized cyber-risks for the sector as “Medium.”
While colleges’ vulnerability to cyberattacks is High, the “financial and reputational impacts” of these attacks are low, the report said. A high-profile loss of personal information could, however, “affect a student’s decision to enroll or a donor to donate.”
Universities with medical centers and substantial research profiles are identified as the most vulnerable to cyberattack, but they also are most likely to be prepared. Federally funded research, particularly relating to defense, also is at risk from cyberespionage. Verizon’s 2019 Data Breach Report suggests that espionage is the motive behind 11 percent of attacks on educational institutions.
9 challenges identified by Higher Ed
- Sheer volume of Digital Assets that are managed and their (extraordinary) value
- Threat landscape is getting more complex
- Intrusive Data collection of Social Media Entities
- Security of (IoT) devices (or lack thereof)
- Continued Growth of Compliance Obligations
- Difficulty in Retaining Trained Security Staff
- Continued practice of Password Re-use
- Risk Management in the Cloud
- Balancing Security with the Open environment of Higher Education
Ascent InfoSec specializes in providing consulting, advisory and operational services to K-12, Higher Ed. State and Local Gov. Ascent InfoSec operates a 24×7 Security Operations Center based in Chicago, and understands the public sector really well.
Contact the solutions team to see how to get help with your security assessments, concerns, and initiatives.