Warning: Ransomware Attacks On Virtual Classrooms

There has been a significant increase in ransomware cyber attacks on virtual classrooms. The Coronavirus has changed the way schools operate greatly increasing the use distance learning has increased, which has brought about new cyber security challenges. 

In the US, the FBI is warning students, teachers and parents that cyber criminals and bad actors are looking to exploit online classrooms. In Britain, the National Cyber Security Centre (NCSC) has been investigating an increased number of ransomware attacks affecting education establishments in the UK, including schools, colleges and universities.

Ransomware is a type of malware that prevents you from accessing your systems, or the data held on them, and to get back to normal requires you to pay a criminal in order to get your system back. Typically, the data is encrypted, but it may also be deleted or stolen, or the computer itself may be made inaccessible.More recently, there has been a trend for cyber criminals to also threaten to release sensitive data stolen from the network during the attack, if the ransom is not paid.  There are many high-profile cases where the cyber criminals have followed through with their threats by releasing sensitive data to the public, often via “name and shame” websites on the Dark Net.

In early December, the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that showed a nearly 30% increase in ransomware attacks against schools. “In August and September, 57% of ransomware incidents reported to the Multi-State Information Sharing and Analysis Center (MS-ISAC) involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July,” the alert said.

FBI Cyber Section Chief Dave Ring told ABC News: “It’s of greater concern now when it comes to K-12 education, because so many more people are plugged into the technology with schooling because of the distance learning situation,” he said. 
“So, things like distributed denial of service attacks, even ransomware and of course, domain spoofing, because parents are interacting so much more with the schools online.”

Attacks on virtual classrooms vary. In Athens, Texas, criminals blocked hundreds of files, and the school district paid a ransom this summer to unlock them. Another common incident that happens, according to Ring, is “zoom-bombing”, a practice where criminals enter an online classroom and post or yell a racist or inflammatory slur.

The move to distance learning lies behind the increasing level of attacks simply because there are more opportunities for it to be disruptive. Many such attacks motivated a desire to steal information and for financial gain by collecting ransoms. Some are just looking to cause chaos. 

The FBI are urging  schools to work together with law enforcement and if something happens to report it to the FBI and local law enforcement, whereas the NCSC recommends that organisations implement a ‘defence in depth’ strategy to defend against malware and ransomware attacks. 

NCSC:       EdTech Magazine:         I-HLS:      Research Gate:

You Might Also Read: 

Security Advice For Using Video Conference Tools

 

« Cyber Security Is The CEO’s Biggest Problem
Biden Twitter Account Starts With Zero Followers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Device Authority

Device Authority

Device Authority specialises in security automation for the Internet of Things (IoT).

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

Hitachi Systems Security

Hitachi Systems Security

Hitachi Systems Security provides customized services for monitoring and protecting the most critical and sensitive IT assets in our clients’ infrastructures 24/7.

SailPoint

SailPoint

SailPoint provides identity governance solutions with on-premises and cloud-based identity management software for the most complex challenges.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

Buglab

Buglab

The Buglab contest and Vigilante Protocol help companies all over the world to discover and fix vulnerabilities on their digital solutions or assets.

SevenShift

SevenShift

SevenShift is a security consulting firm with a wealth of experience in the worlds of Cybersecurity and Internet of Things (IoT).

Orca Security

Orca Security

Orca Security delivers full stack visibility including prioritized alerts to vulnerabilities, compromises, misconfigurations, and more across your entire inventory on all your cloud accounts.

Liongard

Liongard

Liongard automates the management and protection of modern IT environments at scale for IT MSPs - Managed Service Providers and Enterprise IT Operations.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

ProofID

ProofID

ProofID is a specialist provider of Identity Access Management (IAM) solutions. We focus on the solving the complex needs of the modern enterprise.

Finnish Security & Intelligence Service (SUPO)

Finnish Security & Intelligence Service (SUPO)

The Finnish Security and Intelligence Service is a government agency tasked with combating serious threats to national security in Finland.

ScorpionShield

ScorpionShield

ScorpionShield CyberSecurity is an EC-Council Accredited Training Center, and an On-Demand Service for Cybersecurity professionals.

Valtix

Valtix

Valtix is the first and only multi-cloud network security platform delivered as a service that enables cloud teams to meet the most stringent security requirements in a cloud-first & simple way.

Daisy Corporate Services

Daisy Corporate Services

Daisy is one of the largest providers of communications and IT solutions across the UK, with a portfolio spanning unified communications, cloud, cyber security and resilience.

Convergence Networks

Convergence Networks

Convergence Networks is one of North America's leading Managed Services & Security Providers.