School Refuses Ransom, Student Data Exposed

Student Data Exposed on Dark Web

Hackers are crushing schools and school districts. It's an all-out attack.

Recently, we've seen them hit K-12 and universities.

Some are even calling schools an easy target these days, as back-to-school collides with COVID and the transition to online learning.

Many school cyber attacks fly under the radar, but an attack on the Clark County School District in Las Vegas is no longer a secret. The 320,000 student school system refused to pay the attacker's ransom demands, and things got dicey from there.

A hacker published stolen documents containing Social Security numbers, student grades and other private information after officials refused a ransom demanded in return for unlocking district computer servers.

Now, vast amounts of sensitive student data will be leaked on the Dark Web.

To pay or not to pay is a very challenging decision for these schools.

If they don't pay, they risk this kind of data disclosure while they hope to restore data and replace devices. This can cost millions more than any ransom demands.

If they do pay, they might avoid the loss of sensitive data, but they also run the risk of funding illicit organizations or sanctioned nation-states. This has its own set of problems.

“A big difference between this school year and last school year is they didn’t steal data, and this year they do.”

Over the last year, cybercriminals have upped their game. Ransomware used to simply lock your system and demand payment to unlock (or decrypt) those files. The latest strains of Ransomware now steal all the data they can find first, then they lock up the system and demand the ransom.

The key difference in today's Ransomware is the data theft. Criminals are frequently grabbing vast amounts of sensitive data and threatening to slowly release it if a ransom demand isn't met. It's just like a crazy scene from a movie.

The good news is that these hacks can be stopped!

The first step is training your team to avoid the initial Phishing email, the ones that these school faculty are getting every single day.

Are you ready to take action?
We make it easy to protect your team from attacks just like this one. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

To get a quote, set up a call with our (non-pushy) sales team here!

Original article here.
[https://www.wsj.com/articles/hacker-releases-information-on-las-vegas-area-students-after-officials-dont-pay-ransom-11601297930]