Why schools are easy prey for hackers — and why they struggle to fight back | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


When a ransomware gang picks its next target, it looks for a poorly secured organization holding valuable data, providing a vital service or doing both. Few organizations fit that description as perfectly as a K-12 school system. With that in mind, it’s no surprise that schools and their technology vendors have been falling prey to cyberattacks in massive numbers over the past few years.

Supply chain vulnerabilities represent the biggest threat to schools, as the recent PowerSchool and Canvas breaches demonstrate. These supplier relationships are difficult for schools, with limited IT personnel, to manage and secure. And once cybercriminals penetrate a vendor’s software, they often use that access to roam freely across schools’ networks. There, they typically find a wealth of valuable data, from employee payroll records to parents’ financial information to students’ healthcare data. The hackers who breached the Los Angeles Unified School District stole information about students’ homelessness status and disabilities.

The surge in cyberattacks comes as the federal government has effectively abandoned K-12 schools and universities to their fate. The U.S. Department of Education, the Sector Risk Management Agency (SRMA) for the education community, has long been one of the worst-resourced and least-capable SRMAs, despite years of warnings about the need for change, and the Trump administration’s sweeping cuts to the department have only exacerbated the problem. The administration has also eliminated funding for a state and local information sharing group that greatly benefited schools, and it has suspended the work of a recently formed coordinating body for the education sector along with similar groups for other sectors.

In the latest episode of our Reporters’ Notebook series, Cybersecurity Dive senior reporter Eric Geller discussed the cybersecurity threats facing schools with Dark Reading features writer Arielle Waldman and TechTarget SearchSecurity executive editor Sharon Shea.

Watch the video below, or scroll past it to read the transcript, which was edited for length and clarity with the help of an internal AI assistant.

Dark Reading’s Arielle Waldman: Hi, everyone. Welcome to another edition of the Reporters’ Notebook. Today we’re going to be discussing the education sector and all the issues that they’ve been facing. My name is Arielle Waldman, and I’m a features writer for Dark Reading. I have Sharon Shea and Eric Geller with me. Would you like to introduce yourselves? 

Cybersecurity Dive’s Eric Geller: Yes, I’m Eric Geller, senior reporter at Cybersecurity Dive. 

TechTarget SearchSecurity’s Sharon Shea: Hi, I’m Sharon Shea, executive editor on TechTarget SearchSecurity. 

Thank you all for joining us today. We’re excited to chat about edtech and the educational sector and cybersecurity. So, we’re coming off of the heels of what folks are calling the biggest attack on education in history. In late April and early May, edtech company Instructure confirmed a cyberattack on its Canvas Learning Management System. Threat group ShinyHunters claimed responsibility for the attack and said that they stole 3.65TB of data, including information from 275 million users across almost 9,000 schools. As of May 11, Instructure said it had reached an agreement with the attackers and that the software is safe to use. I don’t think we know if they paid a ransom or not, but whatever “reached an agreement” means.

And then again, just last week, ShinyHunters also claimed responsibility for further attacks on higher ed, reportedly exploiting the Oracle PeopleSoft software suites, [the vendors] for ERP, CRM, [and] HCM, and they have campus applications to help higher ed manage student records, admissions, financial aid. Google noted that while some organizations were able to block or remediate the vulnerabilities before this latest round of attacks, others are compromised and have had their data published on data leak sites. So, education is unique. It’s up against a lot of threats and this just touches on the supply chain side, the software supply chain, and you know organizations getting hit because of their software suppliers, as in through Canvas and the PeopleSoft software.

——————————————————-


Click Here For The Original Source.

National Cyber Security

FREE
VIEW