You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

Are Schools An "Easy" Target?

Ransomware groups are hitting K-12 and Universities. And a lot of them. But why?

What makes schools an "easy" cyber target?

The 200,000 student Fairfax County Public School system became one of the latest victims of Ransomware targeting schools across the country. Other recent K-12 victims include Hartford, CT and Haywood County, NC.

"We currently believe we may have been victimized by cyber criminals who have been connected to dozens of ransomware attacks in other school systems and corporations worldwide." - Fairfax County Public Schools

The notorious Maze Ransomware team claims the bragging rights for this attack. Maze is the same group who hacked a prominent computer chip manufacturer and a law firm in Texas.

Ransomware continues pouring in the profits for these groups. So much so that the Maze Team formed a cybercriminal cartel to further expand their reach.

Schools remain an “easy target” for ransomware actors, even more so with many districts being forced to adopt universal online education, broadening the potential attack surface.

Calling schools an easy target seems a cheap criticism. It's not.

In reality, it's an acknowledgement of the enormous challenges school administrators they face in this Pandemic-accelerated technological change. School staff are heroes in this crazy environment.

Let's step back for a moment and recognize how these attacks occur. And yes, these attacks all start at the same place: a single successful Phishing email. School faculty have overflowing email inboxes, which makes it easy for the Maze team to slide right in with malicious (but very real looking!) Phishing emails.

The attack begins once a single employee clicks just one of these Phishing email links. When it's a group as skilled as Maze on the other side, the damage often skyrockets.

The cybercriminals immediately seek and steal as much data as they can. Once that's done, they can move to encrypting (or locking) the school's network. And this is exactly what happened in Fairfax, too.

Next, the Ransomware team makes their ransom demand, with instructions on how to pay via Bitcoin (or other cryptocurrency).

And if the school doesn't pay?

That's when the hackers start releasing pieces of sensitive data, like cutting off a finger in a real-world hostage situation. And yes, this also happened in Fairfax.

These hacker groups treat this as a business, and they intend to maximize their profits, just like any other business does.

The good news is that these hacks can be stopped!

The first step is training your team to avoid the initial Phishing email, the one that the school employee fell for.

Are you ready to take action?
We make it easy to protect your team from attacks just like this one. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

To get a quote, set up a call with our (non-pushy) sales team here!

Original articles here and here.

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.