Educational establishments across the expanse of the United States persist as alluring targets for malevolent cyber operatives, grappling with a surge of cyber assaults and the surreptitious siphoning of data in the wake of the holiday season.
Since the commencement of the new year, a handful of academic institutions have borne the brunt of data breaches. These include Butte School District in Montana, Edmonds School District in Washington, Fullerton Joint Union High School District, and Glendale Unified School District in California.
Meanwhile, other scholastic domains, exemplified by Ohio’s Groveport Madison Schools, find themselves in the throes of recovering from the deleterious aftermath of ransomware incidents.
Authorities at the educational precinct revealed to Recorded Future News that the arduous process of reinstating their systems ensued for a span of approximately a month following the unearthing of a ransomware onslaught on December 5.
“The malefactors promptly identified themselves as BlackSuit when the breach unfolded,” a spokesperson disclosed, alluding to a faction believed by the FBI and CISA to be a revamped iteration of the Royal ransomware syndicate. “Collaboration with local and federal agencies transpired in response to this predicament. While they absconded with certain personnel data, the school closure was not deemed necessary during this incursion.”
“We endured a brief hiatus from internet connectivity, resorting to ‘old-school’ pedagogy. Our complete recovery transpired within the designated timeframe.”
Serving approximately 6,000 students in Franklin County, Ohio, the school district’s Superintendent, Jamie Grube, elucidated that a forewarning regarding the impending attack was received from the Cybersecurity and Infrastructure Security Agency (CISA).
CISA’s directive entailed the cessation of all internet access; nonetheless, the ransomware syndicate managed to inflict damage upon numerous Windows devices, security cameras, and printers.
“Despite the internet blackout, telephonic communication remained intact, and the academic routine proceeded unhindered. Rest assured, our preliminary evaluation affirms the non-compromise of student or staff data during this breach,” reassured Grube during the incident.
A Reality Check
As educational institutions become progressively entwined with cloud-based frameworks, cybersecurity researchers persistently unearth susceptibilities within the ubiquitous software employed for diverse functions.
In recent weeks, cybersecurity researcher Jeremiah Fowler of vpnMentor stumbled upon millions of exposed records attributed to the negligence of school security firm Raptor Technologies.
Fowler articulated that he gained access to incident response plans, architectural layouts, and documents detailing malfunctions in cameras or deficiencies in physical security. The compromised database also harbored copious information concerning background checks, vulnerable students, emergency drills, and more.
Legal practitioners are currently reaching out to individuals whose information may have been exposed, while the Washington, D.C. public school system embarks on notifying parents about the revelation that Raptor Technologies has apprised them of compromised student information.
“We were apprised recently that Raptor Technologies, the custodians of our newly adopted visitor management software, were alerted to vulnerabilities within their platform by an unauthorized cybersecurity researcher. Upon learning of this potential data breach, we promptly contacted Raptor representatives and suspended the utilization of their software in our facilities,” conveyed Amy Maisterra, deputy chancellor of DC Public Schools, in an email to parents.
“As Raptor delves into its investigation, I want to assure our families that, although some districts utilize Raptor for storing and managing school Emergency Response Plans (ERPs), DCPS abstains from employing this feature. Consequently, no ERPs for any of our schools were stored within the Raptor platform, rendering them inaccessible.”