"Now, did you read the news today?
They say the danger's gone away.
But I can see the fires still alight
They're burning into the night."
-Genesis, Land of Confusion
As you continually upgrade your security posture and better protect your data from ransomware and data exfiltration, the bad guys keep devising innovative ways to get you to pay their ransom fee.
First, we had, "We have your data. Pay us money, or we will release it publicly and/or destroy it forever."
Then they added that they would individually ransom all the students and staff on top of ransoming the district. To add to the disruption, the bad guys have and will release school discipline/incident reports, sometimes raising the interest of district attorneys and area police, as well as student medical records violating HIPAA and FERPA. If there was a mandatory reporting requirement for what they stole from you and you didn't pay or report, they would turn you in themselves for failure to comply with the law!
Now we have a new, third item for their "pay us or else" playbook. They are directly going after the attacked organization's leadership! This means public doxing of personal information. Where you live, personally identifiable information, etc. Now, with AI, it also means false stories about leadership. There was also a Michigan case with a false video showing a district official using racist language! Your district administration, Superintendent, and Board now have targets on their backs! Even scarier than that, they are increasingly SWOTTING leadership with 911 calls about leadership and events at their homes! We all went through that horrible swotting period where district after district was getting those bomb or shooting threat calls - mostly from overseas. Imagine the fear of your Superintendent or Business Official answering the door at 3 am with police with guns dispatched by a 911 call for some alleged very bad event at their house. Sadly, this is the new reality that is coming to more and more ransomed organizations that are reluctant to pay the bill.
The next time a teacher, union rep, business office, or Superintendent tells you that they won't be part of the solution with multi-factor authentication or purchasing and installing advanced security tools to keep the district's, students', and staff's information safe, remind them that if something bad happens in the district, they are increasingly likely to be compromised personally in very tangible and ugly ways.
There is no guarantee that any security solution is 100% effective, but our track record in shutting these bad events down before they get out of hand is excellent.
With the recent PowerSchool breach news, no Superintendent wants to have that article in the paper discussing how they gave up personally identifiable data, much less the lawsuits that have come after these breaches.
Putting adequate resources into district cybersecurity is money well spent to try and keep any of that from happening.
We'd be happy to talk to anyone in your district administration about the current threat landscape and what it takes to keep your district as safe as possible responsibly.
Give us a call, and let's discuss the next steps.
-Scott Quimby, Senior Network Advisor, CISSP
Acture/CSI
You must be logged in to post a comment.