Warning: Ransomware Attacks On Virtual Classrooms

There has been a significant increase in ransomware cyber attacks on virtual classrooms. The Coronavirus has changed the way schools operate greatly increasing the use distance learning has increased, which has brought about new cyber security challenges. 

In the US, the FBI is warning students, teachers and parents that cyber criminals and bad actors are looking to exploit online classrooms. In Britain, the National Cyber Security Centre (NCSC) has been investigating an increased number of ransomware attacks affecting education establishments in the UK, including schools, colleges and universities.

Ransomware is a type of malware that prevents you from accessing your systems, or the data held on them, and to get back to normal requires you to pay a criminal in order to get your system back. Typically, the data is encrypted, but it may also be deleted or stolen, or the computer itself may be made inaccessible.More recently, there has been a trend for cyber criminals to also threaten to release sensitive data stolen from the network during the attack, if the ransom is not paid.  There are many high-profile cases where the cyber criminals have followed through with their threats by releasing sensitive data to the public, often via “name and shame” websites on the Dark Net.

In early December, the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that showed a nearly 30% increase in ransomware attacks against schools. “In August and September, 57% of ransomware incidents reported to the Multi-State Information Sharing and Analysis Center (MS-ISAC) involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July,” the alert said.

FBI Cyber Section Chief Dave Ring told ABC News: “It’s of greater concern now when it comes to K-12 education, because so many more people are plugged into the technology with schooling because of the distance learning situation,” he said. 
“So, things like distributed denial of service attacks, even ransomware and of course, domain spoofing, because parents are interacting so much more with the schools online.”

Attacks on virtual classrooms vary. In Athens, Texas, criminals blocked hundreds of files, and the school district paid a ransom this summer to unlock them. Another common incident that happens, according to Ring, is “zoom-bombing”, a practice where criminals enter an online classroom and post or yell a racist or inflammatory slur.

The move to distance learning lies behind the increasing level of attacks simply because there are more opportunities for it to be disruptive. Many such attacks motivated a desire to steal information and for financial gain by collecting ransoms. Some are just looking to cause chaos. 

The FBI are urging  schools to work together with law enforcement and if something happens to report it to the FBI and local law enforcement, whereas the NCSC recommends that organisations implement a ‘defence in depth’ strategy to defend against malware and ransomware attacks. 

NCSC:       EdTech Magazine:         I-HLS:      Research Gate:

You Might Also Read: 

Security Advice For Using Video Conference Tools

 

« Cyber Security Is The CEO’s Biggest Problem
Biden Twitter Account Starts With Zero Followers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

SonicWall

SonicWall

SonicWall provide products for network security, access security, email security & encryption.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Panaseer

Panaseer

Panaseer is an enterprise cybersecurity automation and data analytics company that helps organizations stop preventable breaches by ensuring security controls are working effectively.

Siepel

Siepel

Siepel manufactures high quality shielded rooms and anechoic chambers dedicated to TEMPEST, NEMP & HIRF.

Thinkst Applied Research

Thinkst Applied Research

Thinkst is an Applied Research company with a deep focus on information security.

Calian Group

Calian Group

Calian is a diverse Canadian company offering professional services in areas including Advanced Technologies, Health, Learning and IT & Cyber Solutions.

GlobalPlatform

GlobalPlatform

GlobalPlatform’s specifications are highly regarded as the international standard for enabling digital services and devices to be trusted and securely managed throughout their lifecycle.

Intel Capital

Intel Capital

Intel Capital, Intel's strategic investment organization, backs innovative technology startups and companies worldwide. We invest in a broad range of hardware, software, and services.

Kasada

Kasada

Kasada has developed a radical approach to defeating automated cyberthreats based on its unmatched understanding of the human minds behind them.

Jisc

Jisc

Jisc is a membership organisation working in partnership with the UK’s research and education communities to develop the digital technologies they need to teach, discover and thrive.

Hayes Connor Solicitors

Hayes Connor Solicitors

Hayes Connor Solicitors is a specialist data breach and cybercrime law firm. We act for clients on individual data breaches and also where a group has been compromised as part of a targeted attack.

Training.com.au

Training.com.au

Training.com.au is a comparison website through which those looking to learn about different aspects of cyber security can compare learning courses from training providers from across Australia.

ELLIO Technology

ELLIO Technology

ELLIO Technology is a cybersecurity company that reduces alert overload, improves incident response, and helps security teams target serious attackers who pose a real threat.

SEK Security Ecosystem Knowledge

SEK Security Ecosystem Knowledge

SEK helps companies in the complex path of cybersecurity; in the analysis, detection and prevention of digital threats.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

Harrison Clarke

Harrison Clarke

Harrison Clarke is a leading staffing and recruiting firm in the Cloud, Cybersecurity, Data & AI space.