According to a recent study, cyberattackers target a school district in USA after every three days. In 2018, the number of cybercriminal cases in the public school was around 122. Among these cases, almost 60 percent were those in which the data of students was compromised. These attacks included ransomware attacks, phishing, and data breaches—sometimes all at once.
Doug Levin, the author of the study, revealed that this is just “tip of the iceberg” as he believes that most of the cases are not made public. Mr. Levin estimated that the actual number maybe 10 or even 20 times more than the reported number as school districts remain silent in the aftermath of cyberattacks. Recently, one more school got attacked.
Crosby International School District Gets Attacked
A public school district located in Harris County, Texas, is discovered to be the latest victim of a cyberattack as it joins the growing list of “ransomed” schools in 2019. According to sources, on Sunday, a ransomware invaded the security defenses of the Crosby ISD (International School District) in the morning at about 10:30am.
After entering the network of the school, the cybercriminals unleashed their payload. Subsequently, they took control of the school’s servers and encrypted the data to lock out the systems. The huge ransom demand is asked in the form of bitcoins in exchange for a decryption key to initiate the ransomware removal procedure.
The attack did not damage one or two departments in the school. Instead, it was lethal enough to disable the IT operations of the school’s entire infrastructure. Other than blocking the IT services, telephone services were also non-operational. Consequently, the school staff has to engage in conversations through the use of their personal phones as their mobile become the only medium to get any news about the IT services.
Similar inconvenience was created for parents. The school directed the parents that in order to urgently contact their children, they must visit the school.
Meanwhile, incoming visitors were banned for an indefinite period of time as the school was unable to conduct screening for the visitors due to the non-operational IT infrastructure.
Amidst a growing air of uncertainty from the parents in regards to the exploitation of student data, a spokesperson from the school clarified that no confidential information went in the wrong hands in the recent attack.
In order to begin the investigation of the attack and assist with ransomware removal, law enforcements companies were roped in. Additionally, the school has also requested the services of a private cybersecurity company.
