Countries
Close
USA Canada Spanish USA Malaysia Singapore UK Indonesia Indonesia UAE UAE Philippines Philippines Germany Deutschland Korean Flag Korea France Italy Japan Russia Turkey
Home FBI: School divisions ‘lucrative targets’ of cyber attacks due to sensitive student data
Local

FBI: School divisions ‘lucrative targets’ of cyber attacks due to sensitive student data

Crystal Graham
Published date:
school cyber security
(© Pixels Hunter – stock.adobe.com)

Cybersecurity Advisory alert was issued last week after a school system in California was allegedly attacked by a group known as the Vice Society.

According to the alert, the education sector, including school districts and colleges, has been a frequent target of ransomware attacks.

An Augusta County Public Schools spokesperson said the school system is proactive when it comes to security.

“Augusta County Public Schools takes all aspects of safety and security seriously. This includes the security of our electronic data,” said Miranda Ball, executive director of communications. “Our technology department is continually proactive in these efforts and responsive to guidance from related agencies, including the FBI.”

Waynesboro Public Schools said they replaced their firewall in March with a next generation SonicWall network security appliance.

“We also have a backup appliance that backs data up to an offsite location to protect against data loss,” said Roger Ramsey, network manager for Waynesboro City Public Schools. “We are confident in our cybersecurity resources, but our technology team is constantly updating our system and patching deficits that are identified.”

Staunton Public Schools are taking advantage of educational opportunities from the Virginia Department of Education’s Office of Information Security. The education includes threat management resources, contacts and guides for troubles they may see or experience.

“In the constant wake of cybersecurity attacks, our awareness is and has been at a heightened level,” said Tom Lundquist, director of technology for Staunton City Public Schools. “We continue our educational technology research and evaluate and test our selected implementations of adopted best practices to safeguard our data.”

The Cybersecurity Advisory alert was issued by the Federal Bureau of Investigation, the Infrastructure Security Agency and the Multi-State Information Sharing and Analysis Center.

“Over the past several years, the education sector, especially kindergarten through twelfth grade institutions, have been a frequent target of ransomware attacks,” the alert read. “Impacts from these attacks have ranged from restricted access to networks and data, delayed exams, canceled school days, and unauthorized access to theft of personal information regarding students and staff.

“The FBI, CISA and the MS-ISAC anticipate attacks may increase as the 2022/23 school year begins and criminal ransomware groups perceive opportunities for successful attacks,” the alert read. “School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable.”

The alert continued: “K-12 institutions may be seen as particularly lucrative targets due to the amount of sensitive student data accessible through school systems or their managed service providers.”

The advisory recommends:

  • Maintain offline backups of data, and regularly maintain backup and restoration. By instituting this practice, the organization ensures they will not be severely interrupted, and/or only have irretrievable data.
  • Ensure all backup data is encrypted, immutable (i.e., cannot be altered or deleted), and covers the entire organization’s data infrastructure. Ensure your backup data is not already infected.
  • Review the security posture of third-party vendors and those interconnected with your organization. Ensure all connections between third-party vendors and outside software or hardware are monitored and reviewed for suspicious activity.
  • Implement listing policies for applications and remote access that only allow systems to execute known and permitted programs under an established security policy.
  • Document and monitor external remote connections. Organizations should document approved solutions for remote management and maintenance, and immediately investigate if an unapproved solution is installed on a workstation.
  • Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, and secure location (i.e., hard drive, storage device, the cloud).

The alert also encouraged school systems to implement recommendations of the CSA to reduce the likelihood and impact of ransomware incidents which can cost school systems millions of dollars.

If you or your organization is the victim of a network intrusion, data breach, or ransomware attack, contact your nearest FBI field office or report it at tips.fbi.gov.

For more information on cyber threats, visit fbi.gov/investigate/cyber

Crystal Graham

Crystal Graham

Crystal Abbe Graham is the regional editor of Augusta Free Press. A 1999 graduate of Virginia Tech, she has worked for nearly 25 years as a reporter and editor for several Virginia publications, written a book, and garnered more than a dozen Virginia Press Association awards for writing and graphic design. She was the co-host of "Viewpoints," a weekly TV news show, and co-host of Virginia Tonight, a nightly TV news show. Her work on "Virginia Tonight" earned her a national Telly award for excellence in television.

Top News

1 Political football over Virginia state budget will delay funding for local services, schools
2 New Virginia law allowing direct NIL payments will be a game-changer for UVA
3 Oklahoma raises issue over trans woman Nyla Rose wrestling on AEW ‘Dynamite’
4 Shonn Bell comes back home as new football coach at Waynesboro High School
5 ‘Unacceptable’: Virginia AG pushes Biden administration on missing migrant children

Latest News

steve enright bridgewater
Sports

Bridgewater College basketball coach Steve Enright leaving for Keene State job

Chris Graham
jmu football
Sports

JMU introduces Eastern Kentucky AD Matt Roan as new athletics director

Chris Graham

It’s been a busy couple of days of changes at the top at James Madison University, with the school naming Charlie King the interim president, and a new person being put in charge of the athletics department, Matt Roan, of late the AD at Eastern Kentucky.

Taylor Swift in concert in New York
Arts & Media, US & World

‘The Tortured Poets Department’ is here: Happy release day for Swifties everywhere

Larissa Goalder

At 2 a.m. ET, Taylor Swift announced “The Tortured Poets Department” is actually a double album, meaning 31 new songs are out today, under the title “TTPD: The Anthology.”

senior citizen smelling flowers in garden
Climate, Virginia

Warmer weather in Virginia means earlier planting times, longer harvest season, more bugs

Crystal Graham
live music concert
Schools, Virginia

Shenandoah Conservatory to offer three-day summer guitar festival

Crystal Graham
arrest handcuffs jail prison sentence
Public Safety, Virginia

Richmond Police: Suspect charged in homicide of 14-year-old male

Crystal Graham
crime scene tape
Public Safety, Virginia

Police: Richmond man charged in Deforrest Street juvenile homicide

Crystal Graham

Augusta Free Press LLC | Privacy Policy

DMCA.com Protection Status