On Tuesday, a public school in Nantucket Island, Massachusetts suffered a ransomware attack, forcing them to shut down:
“Together with outside data security experts, our Information Technology Department has been working very hard all day to restore our computers and internet service,” Superintendent Beth Hallett said Tuesday in a message to the the school community.
Students in the island’s five public schools were sent home at noon Tuesday and told not to use school-issued electronic devices. The district has nearly 1,700 students, according to state records.
“All student and staff devices have been shut down, and our safety and security systems, including phones and security cameras, are also disabled,” Hallett said in an email to parents.
Brian Johnson, CISO at Armorblox shared his thoughts on this topic:
Educational institutions have one of the largest attack surfaces of all industries. There are thousands of faculty, parents, students and even alumni all accessing the same network through their laptops, phones, and tablets on a daily basis. All it takes is for one of them to click a link or open an attachment in a phishing email to compromise the whole thing for financial gain, to disrupt classes, or for other potentially destructive purposes. We’ve seen every variation of phishing email possible—from “schools” asking alumni for donations to “teachers” asking students to login with their credentials and review an important document. There’s no amount of cybersecurity training or education that can cover such a broad user base. With limited budgets and staff, educational institutions need to automate their security operations as much as possible. And with ChatGPT making it easier than ever for cybercriminals to spin up legitimately looking phishing and business compromise emails, schools and universities need to invest in their own natural language-based AI defenses that are trained to spot even the most realistic looking and sounding phishing emails and stop that one person who would have clicked from having to even think about it.
The challenge that schools have is that they are often cash strapped. So that makes them prime targets for being pwned. Hopefully they can scale up their defences so that they stop being targets.
Like this:
Like Loading...
Related
This entry was posted on February 2, 2023 at 4:23 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Public School In Massachusetts Gets Pwned In Ransomware Attack
On Tuesday, a public school in Nantucket Island, Massachusetts suffered a ransomware attack, forcing them to shut down:
“Together with outside data security experts, our Information Technology Department has been working very hard all day to restore our computers and internet service,” Superintendent Beth Hallett said Tuesday in a message to the the school community.
Students in the island’s five public schools were sent home at noon Tuesday and told not to use school-issued electronic devices. The district has nearly 1,700 students, according to state records.
“All student and staff devices have been shut down, and our safety and security systems, including phones and security cameras, are also disabled,” Hallett said in an email to parents.
Brian Johnson, CISO at Armorblox shared his thoughts on this topic:
Educational institutions have one of the largest attack surfaces of all industries. There are thousands of faculty, parents, students and even alumni all accessing the same network through their laptops, phones, and tablets on a daily basis. All it takes is for one of them to click a link or open an attachment in a phishing email to compromise the whole thing for financial gain, to disrupt classes, or for other potentially destructive purposes. We’ve seen every variation of phishing email possible—from “schools” asking alumni for donations to “teachers” asking students to login with their credentials and review an important document. There’s no amount of cybersecurity training or education that can cover such a broad user base. With limited budgets and staff, educational institutions need to automate their security operations as much as possible. And with ChatGPT making it easier than ever for cybercriminals to spin up legitimately looking phishing and business compromise emails, schools and universities need to invest in their own natural language-based AI defenses that are trained to spot even the most realistic looking and sounding phishing emails and stop that one person who would have clicked from having to even think about it.
The challenge that schools have is that they are often cash strapped. So that makes them prime targets for being pwned. Hopefully they can scale up their defences so that they stop being targets.
Share this:
Like this:
Related
This entry was posted on February 2, 2023 at 4:23 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.