Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Educational Institutes. Show all posts

Colorado Department of Higher Education Attacked by Ransomware

 

The Colorado state government has issued a cautionary message to both students and educators regarding a potential security breach. The incident involves unauthorized access to personal information dating back to 2004. As stated on the official website of the Colorado Department of Higher Education (CDHE), the organization fell victim to a ransomware attack. 

During the period of June 11 to June 19, hackers managed to infiltrate the CDHE's systems, from which they extracted and duplicated data. The compromised data encompasses a range of details, including the names of students and teachers, addresses, Social Security numbers, student ID numbers, as well as various unspecified educational records, as confirmed by the CDHE. 

Ransomware refers to a type of malicious software that infiltrates computer systems. It has the ability to either extract sensitive data or restrict the system owner/user's access to their own information. Typically, the individual or group responsible for the malware then demands a ransom in order to reinstate access to the compromised data or system. 

As per the report, individuals could potentially be affected by the attack: 

• Individuals who were enrolled in a Colorado public higher education institution from 2007 to 2020. 

• Those who attended a Colorado public high school from 2004 to 2020. 

• Individuals possessing a Colorado K-12 public school educator license between 2010 and 2014. 

• Participants in the Dependent Tuition Assistance Program during the period of 2009 to 2013. 

• Those involved in Colorado Department of Education's Adult Education Initiatives programs spanning from 2013 to 2017. 

• Individuals who obtained a GED between the years 2007 and 2011. 

Megan McDermott, who holds the position of Senior Director of Communications and Community Engagement at CDHE said that the CDHE is aware of the entity behind the ransomware. However, she declined to disclose the specific ransom amount due to ongoing criminal and internal inquiries. Further, she confirmed that the CDHE did not comply with the demands of the ransom. 

In the past few weeks, there has been a surge in ransom attacks in Colorado. In the previous month, Colorado State University (CSU) acknowledged an incident where the Clop ransomware group accessed the sensitive personal data of both present and past students and staff. 

This breach occurred alongside the MOVEit mass hacking. The identical group of hackers also directed their efforts towards Colorado's Department of Health Care Policy and Financing. This department revealed that the personally identifiable information of individuals enrolled in Colorado's Medicaid program or child health plan might have been exposed.

Schools in California are Taking Precautions to Monitor Potential Cyberattacks

School districts across California and the country are attempting to determine the best ways to lower the risk and safeguard their data and information technology as cyberattacks continue to target educational systems. 

Authorities have implemented additional safeguards such as requiring double authentication for access to data, backup systems, and a shift to cyber insurance. State and federal governments are starting to take action to scrutinize threats in the meantime.

"A cybersecurity crisis will happen in a school system; the question is when." The regional director of the nonprofit K12 Security Information Exchange and cybersecurity expert Doug Levin stated, "It's only a matter of when. Those hazards need to be taken into account in the continuing administration and management of school systems."

San Luis Coastal Unified, which experienced a ransomware assault in May, is "really trying to double down now and do anything we can to guarantee that, if it does happen again, that we can make it as little and less disruptive as possible," said Ryan Pinkerton, the superintendent of business.

A notable recent instance was when Los Angeles Unified was attacked over the Labor Day holiday. After the district decided not to negotiate or pay a ransom on the advice of law enforcement, the crime syndicate that attacked it posted some of its data online.

Although LAUSD did not pay the ransom, some experts believe that other districts may have. According to Levin, districts do not always make this information available. That choice is influenced by the sensitivity of the compromised data and the time and money needed to retrieve lost data.

According to data from cybersecurity company Emsisoft, which keeps track of known occurrences, ransomware attacks have so far this year affected more than 60 school districts, colleges, and universities across the nation. At least 30 K–12 public school systems are included, but since districts are not compelled to record such occurrences, the situation may be considerably worse, according to Brett Callow, a security analyst for Emsisoft.

The education sector is predicted to experience fewer assaults in 2022 than the previous two years, in which each had more than 80 occurrences, but this year's ransomware attacks nevertheless show that hackers are still quite interested in the school industry.

Even though no school days were ever missed, Superintendent Tracey Quarne said that since then, recovery has been gradual. The outcome was that the district had to develop a new financial system as well as a second email system. He claimed that it had been frustrating.

Quarne refused to comment on if the Glenn County Office of Education paid a ransom or if any of its data had been made public after the breach, claiming that the situation was still being investigated.

This year, the criminal organization Vice Society, which appears to be based in Russia, has claimed responsibility for ten different attacks on the American educational system. As a result, the U.S. Cybersecurity and Infrastructure Security Agency issued a warning in September about Vice Society's disproportionate attacks on schools.

The Federal Communications Commission has been urged by educational institutions and school systems like LAUSD to permit the use of E-rate funds, which are intended to lower the cost of digital information services for libraries and schools, for cybersecurity.

The Department of Education's cybersecurity policies have not been updated since 2010, and the U.S. Government Accountability Office has advised that they be. These initiatives have not yet yielded any noticeable effects, nonetheless.

Cyberattack Compels Albuquerque Public Schools to Close 144 Schools

 

Following a cyberattack that attacked the district's attendance, communications, and transportation systems, all 144 Albuquerque Public Schools are closed for the remainder of this week, according to APS's announcement on mid-day Thursday. 

APS is one of the 50 largest school districts in the country, with around 74,000 students. 

District IT staff discovered the problem on Wednesday, and APS posted a statement on its website and Twitter account that afternoon stating, “All Albuquerque Public Schools will be closed Thursday, Jan. 13, due to a cyberattack that has compromised some systems that could impact teaching, learning, and student safety. … The district is working with contracted professionals to fix the problem.” 

"The district continues to examine a cyberattack that affected the student information system used to take attendance, contact families in emergencies, and ensure that students are picked up from school by authorised people," APS stated online on Thursday afternoon and cancelled classes for Friday. 

APS said it will reopen schools on Tuesday, Jan. 18, after being closed on Monday for Martin Luther King Jr. Day, specifying that administrative offices stayed open. The attack was detected Wednesday morning when instructors attempted to enter onto the student information system and were unable to obtain access to the site, according to APS Superintendent Scott Elder in a brief statement uploaded to the district's APS Technology YouTube page. 

Elder further stated, “APS is working with local and national law enforcement as well as teams of cyber specialists to as quickly as possible limit our exposure to this attack, to protect all systems in our network and ensure a safe environment to return to school and business as usual.” 

He noted that the district's IT department had been "mitigating attacks" in recent weeks. A spokeswoman told the Albuquerque Journal she was sceptical about what kind of attack it was and said she didn’t know whether those responsible had demanded a ransom.