Category: schools

As our world increasingly embraces digitization, the importance of robust cybersecurity training cannot be overstated, especially for those responsible for managing and safeguarding digital infrastructures. Among various sectors, a pressing need has emerged for cybersecurity training specifically tailored for teachers in the United Kingdom. This concern is highlighted in a recent survey conducted by The Teacher Tapp, commissioned by the Office of Qualifications and Examinations Regulations, commonly referred to as Ofqual.

The findings of the survey are particularly alarming: approximately one in three teachers may inadvertently jeopardize their school’s IT infrastructure and overall cybersecurity posture. This heightened risk is primarily attributed to a lack of fundamental knowledge regarding cyber threats and the appropriate responses to mitigate them.

According to the survey, over 34% of educational institutions faced a cyber attack in 2023, with this figure expected to rise in the coming year. Many schools are unprepared, struggling to enhance their IT defenses due to budget constraints and a lack of motivation to prioritize cybersecurity measures. This situation underscores a critical gap that could have dire consequences for the safety and integrity of educational environments.

The survey also revealed that nearly 9% of school headmasters acknowledged their frustrating experiences with cyber incidents. Many expressed feeling ill-equipped to manage such crises, lacking both the necessary in-house expertise and the financial resources to recruit specialized personnel. This deficiency not only hampers their ability to respond effectively to attacks but also leaves their institutions vulnerable to future threats.

The implications of this vulnerability are serious. It was reported that about 4% of schools required a significant recovery period—often as long as six months—before returning to normal operations following an incident. Such delays are not only disruptive but also detrimental to the educational process and the well-being of students.

Among the various cyber threats faced by educational institutions, phishing attacks and the spread of malware, particularly ransomware, are prevalent. The North West region of England has been notably impacted, with around 40% of schools in this area reporting at least one cyber incident. This regional statistic serves as a cautionary tale about the urgent need for improved cybersecurity measures.

Looking ahead, the severity of cyber attacks is anticipated to escalate. As more devices are introduced into schools, children spend increasing amounts of time online, and a significant amount of data migrates to the cloud, the potential for cyber threats to grow becomes clear.

In light of these findings, it is crucial for policymakers, educational leaders, and stakeholders to prioritize comprehensive cybersecurity training for teachers. By equipping educators with the knowledge and skills to recognize and respond to cyber threats, we can bolster the defenses of our schools and create a safer digital environment for students and staff alike. The time for action is now; ensuring that our educators are prepared to navigate the complexities of cybersecurity is vital for the protection of our educational institutions.

The post Britain teachers need Cyber security training on an urgent note appeared first on Cybersecurity Insiders.

Interesting New York Times article about high-school students hacking the grading system.

What’s not helping? The policies many school districts are adopting that make it nearly impossible for low-performing students to fail—they have a grading floor under them, they know it, and that allows them to game the system.

Several teachers whom I spoke with or who responded to my questionnaire mentioned policies stating that students cannot get lower than a 50 percent on any assignment, even if the work was never done, in some cases. A teacher from Chapel Hill, N.C., who filled in the questionnaire’s “name” field with “No, no, no,” said the 50 percent floor and “NO attendance enforcement” leads to a scenario where “we get students who skip over 100 days, have a 50 percent, complete a couple of assignments to tip over into 59.5 percent and then pass.”

It’s a basic math hack. If a student needs two-thirds of the points—over 65%—to pass, then they have to do two-thirds of the work. But if doing zero work results in a 50% grade, then they only have to do a little bit of work to get over the pass line.

I know this is a minor thing in the universe of problems with secondary education and grading, but I found the hack interesting. (And this is exactly the sort of thing I explore in my latest book: A Hacker’s Mind.

As the new term approaches, schools across the United Kingdom are grappling with a rising threat – cyberattacks. Many institutions, whether they are gearing up to open their doors or have already commenced preparations, are finding it increasingly challenging to utilize digital services for curriculum planning, class scheduling, and student management.

Several schools have fallen victim to this concerning trend. Among them are St Augustine Academy in Maidstone, Kent, Highgate Wood School, Crouch End School in North London, and the Berkshire Schools group. Shockingly, more than 60% of these schools have fallen prey to ransomware attacks, while others have suffered various forms of cyberattacks.

Notably, a majority of these attacks have specifically targeted secondary schools that had originally planned to reopen on September 5th but had to postpone their reopening to September 11th due to digital assaults and technical difficulties.

One incident involved a notorious ransomware gang targeting Debenham High School, which led to the school’s management isolating infected systems. This disruption severely impacted the school’s IT infrastructure and management for an entire week. As a result, the school’s administration now faces a daunting challenge in deciding how to proceed with the academic year, which has been put on hold.

According to an update from Britain’s National Cyber Security Centre (NCSC), school managements are bombarded with threatening emails every week, including bomb scares and ransomware threats. However, upon investigation, it is revealed that only 1% of these alarming emails turn out to be legitimate threats, with the majority being likely pranks by students seeking to disrupt the start of the school term.

Typically, hackers aim to steal valuable data that they can monetize on the dark web if their attempts to extort their victims fail.

The best approach to address this growing concern is to adopt proactive measures, including educating both students and staff on basic cyber hygiene practices when accessing online content. Ultimately, the responsibility for safeguarding networks from prying eyes lies with dedicated security teams and robust software solutions.

The post Concerns Over Cyber Attacks Growing Among UK Schools appeared first on Cybersecurity Insiders.

After observing a series of ransomware attacks targeting K-12 schools, the United States government convened its inaugural cybersecurity summit on August 8th, 2023, in a concerted effort to mitigate these attacks that have resulted in the compromise of sensitive information such as student medical records, psychiatric assessments, academic performance data, and reports of incidents such as sexual assault on students.

Jill Biden, the First Lady, addressed the issue, emphasizing that safeguarding the future of children hinges on effectively securing their personal data from unauthorized access.

Based on research conducted by security firm Emsisoft, a staggering 48 school districts fell victim to severe ransomware incidents in 2022. In these attacks, malicious groups employing file-encrypting malware exfiltrated data belonging to both students and staff members, including sensitive information like social security numbers and salary account details. The attackers followed a pattern of stealing a subset of data and then issuing threats to publish it online if their demand for cryptocurrency ransom was not met.

A separate report issued by the Government Accountability Office in October 2022 revealed that ransomware hackers had a substantial impact on over 1.2 million students during 2020. This period coincided with increased reliance on online educational programs due to the global lockdowns resulting from the Covid-19 pandemic.

According to findings from the Center for Internet Security, a non-profit organization, by the conclusion of 2021, one out of every three U.S. districts had experienced breaches.

During the Cybersecurity summit attended by Ms. Biden, it was underscored that the ransomware groups had demanded ransom amounts ranging from $50,000 to $1 million from each victim, with approximately 21% of the affected parties complying and making the payment.

With the new school year mere weeks away, the White House, under the leadership of the First Lady and congressional members, engaged in discussions addressing concerns such as mitigating cyber attacks on educational institutions and advocating for stringent punitive measures against perpetrators to instill a deterrent among potential wrongdoers.

The post US holds first ever cybersecurity summit on ransomware attacks on K12 Schools appeared first on Cybersecurity Insiders.

Schools operating in all districts of Texas are issuing DNA Kits to families that will in-turn help identify children during emergencies, such as the one witnessed in Uvalde in May this year where over 19 people including 17 children were killed by a mentally unstable person.

The process seems to be efficiently beneficial only if the digital data given to the school authorities by families remains secure and away from prying eyes.

Now, to those uninitiated, Senate Bill 2158 passed in 2021 legalizes the usage of DNA Kits retrieved information in cases such as missing children and those who were/are trafficked. Each kit includes a drop of saliva, fingerprint, and child’s physical appearance and is distributed by Texas Education Agency.

Some criminals on the dark web are ready to pay heavily if they get their hands on sensitive information, such as contact details leading to identity theft. At the same time, they also have a penchant to buy healthcare related info, as they can sell the information to research labs operating with malevolent purposes.

Good part is that the sample segregation through kits is voluntarily and so parents having second thoughts over data privacy can opt out of the program.

NOTE- During the Uvalde shooting in Texas, many children were killed in the massacre and their parents were asked to submit DNA samples just a couple of days after the massacre to prove the DNA identity with the dead pupils. Often, after such massacres, times are shattering and are hard to deal for parents. So, to avoid any such embarrassments in the future, the Texas school agency is seeking DNA samples from parents to match their children in advance.

 

The post DNA Kits given to children in Texas Schools trigger data privacy fears appeared first on Cybersecurity Insiders.

This is a fun story, detailing the hack a group of high school students perpetrated against an Illinois school district, hacking 500 screens across a bunch of schools.

During the process, the group broke into the school’s IT systems; repurposed software used to monitor students’ computers; discovered a new vulnerability (and reported it); wrote their own scripts; secretly tested their system at night; and managed to avoid detection in the school’s network. Many of the techniques were not sophisticated, but they were pretty much all illegal.

It has a happy ending: no one was prosecuted.

A spokesperson for the D214 school district tells WIRED they can confirm the events in Duong’s blog post happened. They say the district does not condone hacking and the “incident highlights the importance of the extensive cybersecurity learning opportunities the District offers to students.”

“The District views this incident as a penetration test, and the students involved presented the data in a professional manner,” the spokesperson says, adding that its tech team has made changes to avoid anything similar happening again in the future.

The school also invited the students to a debrief, asking them to explain what they had done. “We were kind of scared at the idea of doing the debrief because we have to join a Zoom call, potentially with personally identifiable information,” Duong says. Eventually, he decided to use his real name, while other members created anonymous accounts. During the call, Duong says, they talked through the hack and he provided more details on ways the school could secure its system.

EDITED TO ADD (9/13): Here’s Minh Duong’s Defcon slides. You can see the table of contents of their report on page 59, and the school’s response on page 60.

A cyber gang has leaked data of thousands of British school pupils online and is also threatening to add more to the list, as almost all the 6 victims have chosen not to entertain the cyber criminals.

Information is out that sensitive details such as passport numbers of children, their identity related documents, disciplinary statements, and child protection reports were accessed and stolen by hackers last month.

As the victims, say 5 schools and a college have chosen not to pay a ransom, Vice Society, a well-known gang of cyber criminals, has sold data on the dark web.

Stolen files include digital papers from The De Montfort School, Evesham, Worcestershire, and some pupils from Pilton Community College in Barnstaple, Devon.

Cybersecurity Insiders has also learned from its scribes that the accessed data includes information that was classed as vulnerable and studying from home during the pandemic crisis of COVID-19.

In the past few weeks, the Vice Society tried to establish a contact with its victims to extort money. However, none of them responded to the group of cyber criminals positively and so it sold the siphoned data on the web.

NCSC has received a report of the incident and is investigating it to the core. All the victims are taking the help of third party security firms and IT services to restore the systems and have assured that they will take all measures to mitigate such cyber risks in the future.

 

The post Hackers leak data of thousands of British School Pupils appeared first on Cybersecurity Insiders.

1.) In a study made recently, ransomware attacks on educational institutions are estimated to have crossed $3.58 billion in 2021. And the costs that stemmed were accounted as such from the downtime and recovery expenses incurred through cyber attacks.

The file-encrypting malware attack is said to have affected over 1.3 million students at different schools and colleges.

According to the document released by Comparitech, about 67 ransomware variants hit over 954 schools and colleges last year, affecting over 1.3 million students.

School districts became popular targets for cyber attacks, as many of the educational institutions were operating with obsolete hardware and software.

2.) Conti Ransomware gang that was rumored to have shut down its operations in May this year seems to have resumed its operation again. According to a report compiled by the security intelligence firm Group-IB, Conti targeted almost 40 organizations of enormous size between the months of April to June.

Researchers of Group-IB have determined that Conti launched ransomware attacks in the name of the ARMattack hacking campaign that was primarily conducted from the first week of April this year.

As per the analysis by the security firm, Conti gang members worked almost 14-15 hours a day, except on New Year’s eve, and took just 3 days to compromise a corporate network. The group also operated in a legitimate business model by having members dedicated to R&D, accounts, and customer support, and hired a group of 30-40 money laundering gang members to quench their financial needs.

The R&D gang members of Conti were assigned the duty of analyzing windows updates and finding any flaws in the patches and discovering zero-day vulnerabilities that can be exploited later.

Precisely speaking, Conti gangs occupy the second place on the list of most-wanted cyber criminals by FBI, Interpol, Europol, and NCSC.

The only thing is the more the law enforcement is making arrests, the more the Conti gang is getting elongated.

3.) According to a study conducted by Secureworks, two Chinese hacking groups are conducting espionage in disguise of ransomware attacks. Means, that two hacking groups are using malware to obscure their tracks, and block defenders from launching remediation measures, thus making attribution harder.

Bronze Riverside aka APT41 and Bronze Starlight aka APT10 are the two hacking groups that are using cobalt strike as a decoy to deploy ransomware strains such as AtomSilo, LockFile, Rook, Night Sky, and Pandora.

Currently, the targets are only companies operating in Japan and North America. But researchers predict that their focus could change towards the UK, Canada, and Australia.

4.) Fourth is the news that belongs to a Japanese firm called Nichirin Flex USA. A ransomware gang targeted the company that manufactures hoses for car makers on June 14th of this year.

Since then, the company has been witnessing a delay in tracking and processing orders and distributing them to neighboring nations and overseas.

Nichirin wants employees and clients to be extra vigilant against phishing emails as one or two such emails have reportedly compromised its email network. It has also assured that it will not bow down to the ransom demands of hackers and will instead rely on a data recovery plan.

 

The post Ransomware news headlines trending on Google appeared first on Cybersecurity Insiders.

IBM, the American Technology Company, has taken a cybersecurity initiative to improve Ransomware protection in public schools across the United States. The program will be funded solely by the said private entity at a cost of $5 million that will be distributed as a grant across K-12 schools operating throughout the United States.

Aim is to improve the current security posture of schools against ransomware attacks and will be funded by the tech giant as a part of Corporate Social Responsibility initiative to develop social, environmental and governance projects.

Ransomware has become a major threat to educational institutions and IBM is planning to audit the digital defense infrastructure of schools and will then create a playbook for response, accordingly.

Additionally, a team of cybersecurity experts will be asked to create awareness among students and staff about the current cyber landscape and will train the staff, students and parents in handling communication related services while facing a cyber attack event.

Note 1– Emsisoft Research conducted a study in which it established that over 1000 educational institutions were targeted by ransomware attack in 2021, including schools, colleges, and universities.

Note 2– A separate research carried out by Cisco Talos affirmed that the year 2021 witnessed about 2,323 cyber attacks on government infrastructure belonging to schools, colleges and offices functioning across the United States.

Note 3- Charles Henderson, the Chief of IBM Security X-Force, is urging companies not to pay a ransom when they are hit by ransomware gangs. As it encourages crime and doesn’t guarantee a decryption key for ransom exchange.

 

The post IBM takes initiative to improve Ransomware Protection in Public Schools appeared first on Cybersecurity Insiders.