Skip to main content
close search
site logo
Dive Brief

Federal agencies warn of heightened cyberthreats against K-12 schools

Published Dec. 11, 2020
David Jones's headshot
Reporter
Teenage girl studying with video online lesson at home family in isolation covid-19. Homeschooling and distance learning
valentinrussanov via Getty Images

Dive Brief:

  • Malicious cyber actors are targeting K-12 schools to launch ransomware attacks, steal data and disrupt distance learning programs, Federal officials said in a Joint Cybersecurity Advisory Thursday. The warning was coauthored by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center. 
  • Ransomware attacks increased since the beginning of the 2020 academic year, according to data from MS-ISAC. Attacks against K-12 schools during August and September made up 57% of reported ransomware incidents, compared with 28% of attacks between January and July.
  • The federal agencies received numerous reports of ransomware attacks against school computer systems, which in some cases have left them unable to conduct distance learning programs. Cyber actors are viewing the schools as targets of opportunity and attacks are expected to continue through the 2020-2021 academic year. 

Dive Insight:

The bulletin comes just weeks after schools in Baltimore and Huntsville, Alabama, were disrupted by ransomware attacks. 

The five most common ransomware variants targeting the K-12 programs between January and September were Ryuk, Maze, Nefilim, AKO and Sodinokibi/REvil, based on open-source data, third-party analysis and information from victims. 

ZeuS, a Trojan that targets Microsoft Windows systems, and Shlayer, a Trojan downloader and dropper for MacOS malware, are among the most prevalent malware types used against K-12 schools. Another method used to attack schools has been distributed denial of service (DDoS) attacks. 

Numerous attacks since March have disrupted live-video conferencing sessions with pornographic or violent images, doxing or harassing teachers and students, according to the agencies. The FBI and CISA are recommending schools develop business continuity plans. Officials are urging schools to patch operating systems, change passwords often, use multifactor authentication and audit user accounts with administrative privileges.

The FBI is advising schools not to pay ransomware demands, as they do not guarantee the release of data files and may further embolden bad actors to commit additional attacks. 

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell