How Ransomware's attacks are affecting educational institutes in the 21st century

by Rishu Ranjan Secure your data, One single vulnerability is all

In today’s reality, everyone is dependent on technology especially our young who are always peeling their eyes on one device to another without fully knowing the dangers that lie behind the digital spectrum, in this new reality ransomware is a form of malware in which an attacker gains access to the victim's computer systems and then withholds the victim's systems and/or data for ransom purposes. Ransomware hackers infiltrate district computers, lockdown district systems, steal valuable personal and student data, and detain them for ransom. Ransomware hackers are mainly interested in profit and seek new opportunities.

Schools are the most popular targets for ransomware attacks today, according to the FBI. It is difficult to estimate the total cost of cyberattacks targeting the education sector, as many schools do not report attacks. Nearly one in four cyberattacks in the US involve ransomware, according to a report from IBM. According to estimates provided by NBC News by Brett Kellow, ransomware analyst at cybersecurity firm Emsisoft, ransomware gangs released data from more than 1,200 US elementary and high schools in 2021.

The effect of the pandemic

In 2020 as panoramic made sure that the employees stayed in their homes during the lockdown, ransomware attacks increased, with hospitals and other healthcare providers becoming the main targets.

The situation will be worse this year, with more suspicious ransomware payments reported to the U.S. government in mid-2021 than in the whole of 2020, and these payments will soon reach higher dollar values, than in 10 years.

A Microsoft report in July 2021 confirmed that the healthcare industry is the main target of ransomware, followed by the entertainment, energy, and financial industries. The virus is at the core of attacks on governments and medical institutions, including attacks on Farmington, New Mexico, the Colorado Department of Transportation, Davidson County, North Carolina, and recent major security breaches in the United States. state. Atlanta's infrastructure

Different aspects of ransomware

REvil is one of the ransomware groups that steal data from the target before activating the ransomware to support their ransomware work. Active since April 2019, REvil provides ransomware as a service, which means that the software it develops can paralyze the network and rent it out to so-called affiliates, which infect the target and get most of it ransom.

The other side of ransomware is the cryptographic virology attack invented by Adam L. Young, which threatens to release stolen information from the victim's computer system instead of denying the victim access.

This means that the information they publish on the Internet is often a collection of scattered files that they managed to steal

Recent Ransomware Incidents.

Cyberattacks and ransomware attacks targeting schools hit record highs last year, with primary and secondary schools being the most vulnerable. According to the FBI, as cyberattacks against large corporations gain prominence, school districts have quietly become a prime target for ransomware attacks in the fall of 2020.

Also last year, high-profile ransomware attacks on the Colonial Pipeline and JBS Foods resulted in the companies paying multi-million dollar ransoms to hackers and sparking supply chain problems with implications for the national economy.

Yuba County, California has been a victim of a ransomware cyberattack that has infected some computer systems in the county with malware. The Conti group set a ransom of 20 million U.S. dollars in exchange for decrypting data and deleting 700 GB of unencrypted files recovered during the attack. However, because Veslako decided not to pay, the hackers uploaded the stolen files to their website. In February of this year, just a few months after a public school in Toledo, Ohio was hacked by ransomware, they posted student names and social security numbers online. A parent told Toledo WTVG-TV that someone knew Who is this information, began to try to obtain a credit card and provide car loans in the name of school-age children.

How well is the education system prepared?

In a survey parents of public schools, students in the US were asked, how they think their school system is prepared for extortion and what they will do if their school is attacked. Despite advice from security experts not to pay for ransomware requests, 72% of parents said they would like their children's school to pay the ransom. Perhaps most surprising to me was that 55% of the parents we surveyed noticed that their children's school system had been cyberattacked, 22% in the last 2 years. Of this group, only 34% were immediately notified of a school attack; 57% heard it for the first time from another source like Facebook or news.

According to the report, 57% of all ransomware attacks reported in August and September were targeted at schools. These attackers used the transformation of distance learning to cause the accident. But online insurance companies appear to be responding to the increase in ransomware requests. Despite the astronomical cost of ransomware attacks against schools, most school districts do not have a cyber security insurance plan. Scott said that it is unreasonable to expect educators and administrators to become cybersecurity experts, but even under-funded IT departments can help educators by providing low-cost security training best practices (such as email detection). Scott said that malicious is the most common ransomware attack vector.

Conclusion

The escalation of cybercrime has left parents at a loss and unable to add security directors to their growing jobs, forcing many people to take intensive cybersecurity courses as they try to maintain strict family education programs and keep children happy. Students are looking for learning and entertainment facilities online. With the increasing popularity of ransomware on the PC platform, the number of ransomware targeting mobile operating systems has also increased. Schools need to provide basic cybersecurity education to both parents and students so they can keep their devices safe and know how to handle the situation.