The education sector is being increasingly targeted by a ransomware gang, according to the FBI, CISA, and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The three agencies warn that a threat actor identified as “Vice Society” has been “disproportionately targeting the education sector with ransomware attacks” in a combined alert released this week. The K–12 education sector is frequently the target of ransomware attacks, and the US government agencies anticipate an increase in attacks as the 2022–2023 school year gets underway.
Ransomware attacks on K–12 institutions may result in everything from lost school days to data access restrictions, test delays, and the theft of staff and student personal information. According to the FBI, CISA, and MS-ISAC, “K-12 institutions may be considered as particularly profitable targets due to the volume of sensitive student data accessible through school networks or their managed service providers.”
Data backups should be kept offline, backups should be encrypted, backups should be monitored for external remote connections, execution of unknown programmes should be restricted, multi-factor authentication should be used, user accounts should be audited, network segmentation should be used, unused ports should be disabled, systems and applications should be kept up to date, and a recovery plan should be put into place, these are the few guidelines an organisation should take care of.
