UDTSecure Threat Advisory for K-12 Schools

UDTSecure™ Cybersecurity Consultants are tracking an active and credible advisory issued by the FBI and Department of Education (DOE) warning of K-12 schools being the target of cybersecurity ransomware attacks. These attacks focus on extorting money from educational institutions by releasing sensitive student information if a ransom is not paid. However, we believe getting access to the data itself is of equal importance.

We have long been warning school districts regarding the urgency of protecting student and employee confidential information which is extremely valuable to cybercriminals. Data such as social security and drivers license numbers are extremely valuable in that they can be sold on the black market or used to apply for new credit purchases.

Several methods of attacks have been identified so far across three states that include email phishing campaigns, exploitation of vulnerabilities found in network devices or website weaknesses which allowed for unauthorized access.

The following quick tips provide some initial guidance in securing your environment and reducing your chances of being a victim.

Quick Tips to Perform Now:

Consider installing OpenDNS on Active Directory Servers to prevent outgoing command and control network traffic.
Ensure you have backups of all student and employee information.
Scan backup data for malware with Anti-Virus applications.
Test you can restore backup data from scratch if the need arises. Do not restore backups into production environment. First, restore systems in the test environment and run the anti-virus checks on the test environment.
Ensure proper audit logs are enabled for systems and network components. Double check the storage capacity on systems recording the logs. Both event and activity logs should be enabled. Important to check Active Directory server logs are enabled.
Alert employees, staff and students to avoid clicking suspicious email links especially ones with threatening messages.
Perform Network vulnerability scans to identify critical vulnerabilities known to be exploited and misconfigured systems.

If you feel you’ve been the subject of an attack or view suspicious activities in emails or networks, call us immediately at 1-800-882-9919 and request to speak to one of our fully certified cybersecurity consultants.

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

2024 Will Test Cybersecurity Leaders: Is Your Company Ready?

Experts say new AI-driven threats and an election year will spell trouble for companies.

K12 Budgeting: Planning Your 1:1 Device Refresh Program Cost

As K12 education evolves, managing 1:1 device programs effectively is crucial. These programs, providing each student with a personal computing device, play a pivotal role in modern education. Success demands strategic planning, communication, foresight, and a holistic approach to device management. With digital learning on the rise, these devices are more than just tools for accessing information; they are platforms for interactive, core learning experiences. However, funding remains a significant hurdle, making effective budgeting for your device refresh program essential for optimizing ROI and device longevity.

Crafting a Futureproof 1:1 Device Strategy for School Districts

In the evolving landscape of Education Technology, crafting a futureproof 1:1 device strategy is crucial. This strategy should link every student, teacher, and administrator experience with specific device specifications. The integration of educational apps into the curriculum can significantly enhance the learning environment. These apps, tailored to the needs of students, can provide interactive content, fostering a dynamic learning experience.

Optimizing Your K12 Tech Investments: Funding 1:1 Device Programs

This blog will guide school districts grappling with the financial and resource demands of implementing a successful 1:1 device program amid ongoing challenges of budget constraints and competing priorities. Our guided workbook, created in partnership with Intel, provides further support with personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

K12 Cybersecurity: How to Secure 1:1 Devices in Your School District

This blog post delves into the importance of security, cybersecurity, and data privacy in school districts implementing 1:1 device initiatives. It offers basic steps for evaluating, planning, and executing a security strategy. Our guided workbook, created in partnership with Intel, provides a personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

Lost & Stolen Devices are a Serious Data Security Threat—Here’s Why

Since the pandemic, remote and hybrid work has become the norm. While mobile devices and remote workstations have empowered great flexibility, it has also led to an increase in data security problems due to lost, misplaced, or stolen devices. Find out how remote and hybrid setups are contributing to this problem and how to protect yourself and your organization.