Warning: Ransomware Attacks On Virtual Classrooms

Uploaded on 2021-01-25 in JOBS-Training, FREE TO VIEW

There has been a significant increase in ransomware cyber attacks on virtual classrooms. The Coronavirus has changed the way schools operate greatly increasing the use distance learning has increased, which has brought about new cyber security challenges. 

In the US, the FBI is warning students, teachers and parents that cyber criminals and bad actors are looking to exploit online classrooms. In Britain, the National Cyber Security Centre (NCSC) has been investigating an increased number of ransomware attacks affecting education establishments in the UK, including schools, colleges and universities.

Ransomware is a type of malware that prevents you from accessing your systems, or the data held on them, and to get back to normal requires you to pay a criminal in order to get your system back. Typically, the data is encrypted, but it may also be deleted or stolen, or the computer itself may be made inaccessible.More recently, there has been a trend for cyber criminals to also threaten to release sensitive data stolen from the network during the attack, if the ransom is not paid.  There are many high-profile cases where the cyber criminals have followed through with their threats by releasing sensitive data to the public, often via “name and shame” websites on the Dark Net.

In early December, the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that showed a nearly 30% increase in ransomware attacks against schools. “In August and September, 57% of ransomware incidents reported to the Multi-State Information Sharing and Analysis Center (MS-ISAC) involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July,” the alert said.

FBI Cyber Section Chief Dave Ring told ABC News: “It’s of greater concern now when it comes to K-12 education, because so many more people are plugged into the technology with schooling because of the distance learning situation,” he said. 
“So, things like distributed denial of service attacks, even ransomware and of course, domain spoofing, because parents are interacting so much more with the schools online.”

Attacks on virtual classrooms vary. In Athens, Texas, criminals blocked hundreds of files, and the school district paid a ransom this summer to unlock them. Another common incident that happens, according to Ring, is “zoom-bombing”, a practice where criminals enter an online classroom and post or yell a racist or inflammatory slur.

The move to distance learning lies behind the increasing level of attacks simply because there are more opportunities for it to be disruptive. Many such attacks motivated a desire to steal information and for financial gain by collecting ransoms. Some are just looking to cause chaos. 

The FBI are urging  schools to work together with law enforcement and if something happens to report it to the FBI and local law enforcement, whereas the NCSC recommends that organisations implement a ‘defence in depth’ strategy to defend against malware and ransomware attacks. 

NCSC:       EdTech Magazine:         I-HLS:      Research Gate:

You Might Also Read: 

Security Advice For Using Video Conference Tools

 

« Cyber Security Is The CEO’s Biggest Problem
Biden Twitter Account Starts With Zero Followers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

High-Tech Bridge

High-Tech Bridge

High-Tech Bridge SA is a Swiss MSSP provider offering security auditing, source code review and computer forensics.

Green Hills Software

Green Hills Software

Green Hills Software is the largest independent vendor of embedded secure software solutions for applications including the Internet of Things.

Kernelios

Kernelios

Kernelios is a simulator-based training center and an incubator for cyber experts worldwide.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

Sequitur Labs

Sequitur Labs

Sequitur Labs is developing seminal technologies and solutions to secure and manage connected devices of today and in the future.

GreyCastle Security

GreyCastle Security

GreyCastle Security is a leading cybersecurity services provider dedicated exclusively to cybersecurity and the practical management of cybersecurity risks.

Office of the National Security Council (UVNS) - Croatia

Office of the National Security Council (UVNS) - Croatia

UVNS coordinates, harmonizes the adoption and controls the implementation of information security measures and standards in the Republic of Croatia.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

BlackCloak

BlackCloak

BlackCloak provides Concierge Cyber Security for high-net-worth individuals and corporate executives to protect them from cybercrime, reputational risks, hacking and identity theft.

36 Group

36 Group

36 Group's criminal law team, has the experience and specialist knowledge to conduct effectively trials heavily concerned with the growing phenomenon of Cybercrime.

NWN Carousel

NWN Carousel

NWN Carousel delivers AI-powered technology solutions for the modern workplace. From unified communications and intelligent infrastructure to robust cybersecurity.

EtherAuthority

EtherAuthority

EtherAuthority's engineering team has been helping blockchain businesses to secure their smart contract based assets since 2018.

VulnCheck

VulnCheck

VulnCheck helps organizations outpace adversaries with vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Virtual Infosec Africa (VIA)

Virtual Infosec Africa (VIA)

Virtual InfoSec Africa (VIA) is a wholly-owned Ghanaian company specializing in information security and cybersecurity solutions and services.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.

Panoplia Digital Protection

Panoplia Digital Protection

Panoplia Digital Protection is a cutting-edge cybersecurity company that leverages the power of AI and ML to help businesses and consumers protect themselves against cyber threats.