School Cybersecurity and Ransomware Attacks
As schools gradually begin to reopen, among all the other safety concerns pressing on districts, one risk that hasn’t subsided is the security of personal data. Even in this interim, data breaches have continued in education. Most recently we hear of ProctorU, an online exam platform, enduring a breach as part of 18 firms with databases totaling around 386 million records. ProctorU was hit for the personal data of 444,000 people, primarily college students. According to the firm’s statement on Twitter, these records were from 2014 (although other years have also been observed) and were discovered for sale on the dark web this July.
Although the data appears to be old, it would be no surprise if a good portion of the details—emails, cell phone numbers, passwords—were still in use, and thus still valuable to cyber criminals.
Other organizations aside from ProctorU were also included in the illicit sale, like UCLA, Harvard, Syracuse, and the US military.
We still don’t know the cause of the breach, but stories like these are pretty much what you’ll keep hearing during this period of uncertainty. Cyber attacks on this school, or that library, or any number of healthcare institutions and medical device manufacturers. According to the FBI, reports to their cyber division about data security incidents are up to 4,000 a day. Interpol has observed several major target areas, such as governments, critical infrastructure, and medical organizations.
Ransomware attacks have soared by about 800%, says Zohar Pinhasi, founder of cybersecurity firm MonsterCloud. Big business has been a frequent and unsurprising target, seen as a data treasure trove for hackers. Canon lost 10 terabytes of data to ransomware, and Honda in June announced their own cyberattack troubles. Pinhasi observes that attacks like these have spiked since the pandemic began—and that isn’t even addressing the fraud schemes that leverage people’s concerns over the virus, to trick them into relinquishing their private information.
Clearly the frequency and scale of these incidents should put organizations, and especially those in education, on higher alert, as they attempt to reopen and establish some degree of normal operations.