Skip to main content
close search
site logo
Dive Brief

Federal agencies warn of heightened cyberthreats against K-12 schools

Published Dec. 11, 2020
David Jones's headshot
Reporter
Teenage girl studying with video online lesson at home family in isolation covid-19. Homeschooling and distance learning
valentinrussanov via Getty Images

Dive Brief:

  • Malicious cyber actors are targeting K-12 schools to launch ransomware attacks, steal data and disrupt distance learning programs, Federal officials said in a Joint Cybersecurity Advisory Thursday. The warning was coauthored by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center. 
  • Ransomware attacks increased since the beginning of the 2020 academic year, according to data from MS-ISAC. Attacks against K-12 schools during August and September made up 57% of reported ransomware incidents, compared with 28% of attacks between January and July.
  • The federal agencies received numerous reports of ransomware attacks against school computer systems, which in some cases have left them unable to conduct distance learning programs. Cyber actors are viewing the schools as targets of opportunity and attacks are expected to continue through the 2020-2021 academic year. 

Dive Insight:

The bulletin comes just weeks after schools in Baltimore and Huntsville, Alabama, were disrupted by ransomware attacks. 

The five most common ransomware variants targeting the K-12 programs between January and September were Ryuk, Maze, Nefilim, AKO and Sodinokibi/REvil, based on open-source data, third-party analysis and information from victims. 

ZeuS, a Trojan that targets Microsoft Windows systems, and Shlayer, a Trojan downloader and dropper for MacOS malware, are among the most prevalent malware types used against K-12 schools. Another method used to attack schools has been distributed denial of service (DDoS) attacks. 

Numerous attacks since March have disrupted live-video conferencing sessions with pornographic or violent images, doxing or harassing teachers and students, according to the agencies. The FBI and CISA are recommending schools develop business continuity plans. Officials are urging schools to patch operating systems, change passwords often, use multifactor authentication and audit user accounts with administrative privileges.

The FBI is advising schools not to pay ransomware demands, as they do not guarantee the release of data files and may further embolden bad actors to commit additional attacks. 

Editors' picks

Company Announcements

View all | Post a press release
Torus Unveils Integrated Energy Storage and AI-Driven Cybersecurity Solutions
From Torus
October 24, 2024
DigiCert Welcomes Lakshmi Hanspal as New Chief Trust Officer
From DigiCert
October 24, 2024
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell