Login

Register

Login

Register

SA cyber gurus weigh in on Judson ISD hack | #computerhacking | #hacking | #cybersecurity | #infosecurity | #hacker



If you feel like you’re hearing about more ransomware cyberattacks, it’s not your imagination.

The Colonial Pipeline, meat processor JBS, chemical distributor Brenntag, computer-maker Acer, automaker KIA and the Houston Rockets are just a few organizations hit by data hijackers so far this year.

Ransomware encrypts files and systems, rendering them unusable to the owner. The hackers then demand a ransom, usually in cryptocurrency, in exchange for releasing the data.

The FBI’s Internet Crime Complaint Center reported 2,474 ransomware attacks in the U.S. in 2020, with losses totaling more than $29.1 million. This year is on pace to smash those numbers.

Ransomware is just a fraction of the ever-growing list of computer threats. Last year, the FBI fielded 791,790 internet crime complaints nationwide, a 69 percent increase from 2019. The attacks resulted in a loss of $4.1 billion.

In 2020, Texas had 38,640 reported victims of cyber crime, the third highest number in country following California and Florida.

With the National Security Agency’s Texas Cryptologic Center, the Air Force’s cyber warfare headquarters, a bevy of computer security firms and several academic research institutions in the area, some might say, “Hey, we live in CyberCity, USA — how can this happen here?”

Unfortunately, having packs of cybersecurity gurus working in San Antonio doesn’t translate directly to the security of local computer systems. Keeping networks safe is hard work, and the threats are always evolving.

The Judson Independent School District is learning this lesson the hard way. The Northeast Side school district is grappling with a ransomware attack that’s affecting more than 26,000 students and staff across 30 campuses.

The district discovered the breach June 17 and has been scrambling ever since. School phones, e-mail and computers are down. So far, district officials haven’t said whether the attackers breached people’s data.

News of the hack is following the familiar script. With few details, the district acknowledged something’s wrong. The social media rumor mill ginned up. Law enforcement remained tight-lipped. And those affiliated with the organization — the people whose data may be compromised — are left to wonder whether the hijackers have exploited their most personal information.

“That’s the case in any breach in any type of attack,” said John Dickson, vice president of Coalfire, a Colorado-based cybersecurity firm that recently acquired San Antonio’s Denim Group where Dickson was chief executive. For an organization dealing with an attack, “understanding the ground truth of what you trust and what you don’t trust is a huge problem.

“It becomes a hall of mirrors,” he said, “because the attacker’s intent is to gain a foothold and be able to manage and be persistent.”

Dickson said one reason for the explosion of ransomware attacks is the automation of ransomware, easy access to hacking tools on the dark, or underground, web and the anonymity of cryptocurrency. The barriers to entry to cyber crimes are exceedingly low.

In the past, he said, hackers built the software themselves, which cost time and resources, and they didn’t want to waste their effort on a school district when they could target a bank or other higher-value target.

“If you go back 20 years ago, there were two types of organizations, the targeted and the targets of opportunity,” he said. “And what ransomware has done is made everybody a target of opportunity, so school districts, water districts, nonprofits and hospital districts were never the target of attackers until automation via ransomware became a thing.”

Dickson prescribes three things organizations should do to prepare for a ransomware attack.

“First, recognize that this is not an information technology or security issue; this is an existential, going concern, business issue. This is a CEO-level issue,” he said. “Number two, do a ransomware tabletop exercise to understand how prepared you are for it.”

The third step, he said, is to assess your organization’s software patching and recovery systems.

“So that’s the big thought there — a readiness assessment of backup and recovery processes is also most critical,” he said.

Elias Bou-Harb, director of the University of Texas at San Antonio’s Cyber Center for Security and Analytics, who recently received a $500,000 National Science Foundation grant to develop responses to ransomware attacks, echoes the importance of solid computer backups.

“The best solution for ransomware is to backup your data, make sure that the backed-up data is correct, and then do a restore once the ransomware hits,” he said. These practices have been recommended for decades, but problems arise when people “do not do backups, or they do the backup, but never check that the backup data actually is sound.”

Bou-Harb’s research aims to systematically analyze the various types of attacks, develop detection techniques and create software that can kill the malicious software before it encrypts user data.

“I always say that the cyber war is occurring every day,” he said. “I believe the ransomware threat will become more sophisticated in terms of functionality, in terms of stealthiness, in terms of even the financial infrastructure that is being used and in the diversity of the entities being attacked.”

The Judson ISD attack isn’t the first, and won’t be the last, so now’s the time to make sure your backups are in order.

Brandon Lingle writes for the Express-News through Report for America, a national service program that places journalists in local newsrooms. ReportforAmerica.org. brandon.lingle@express-news.net



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW