Ransomware attacks against the education sector almost doubled from 2019 to 2020. With the onset of the COVID-19 pandemic, the numbers keep getting higher. The cybersecurity posture of this sector is still not sufficiently robust and hence, is low-hanging fruit for threat actors.
What’s up?
The Pysa, aka Mespinoza, ransomware group hit eight K-12 school districts in the U.S., as evident from the list on the threat actor’s dedicated leak site. While some districts were attacked before the FBI issued an alert, others fell prey to the ransomware after the alert.
About the victims
- The Affton School District was mentioned on the leak site in February. Sensitive files from the school were published in two installments.
- Gering Public Schools was added on the dedicated leak site in February, however, the attack was conducted a year back. The school claimed that it was unaware of the breach.
- Other victims include Zionsville Community Schools, Palos Community Consolidated School District, Brookfield Public Schools, and Winters Independent School District, among others.
Why this matters
While neither the schools nor the Pysa gang revealed the ransom paid, it is known that the cost incurred by a ransomware attack can be overwhelming. The attacks on K-12 schools have been staggering indeed with the public having no idea about the actual costs incurred and people impacted. Researchers urge school districts to publicly disclose breaches and costs to make the public aware of what’s going on.
Not just schools
Pysa also poses a threat to the medical sector. Since last year, it has attacked 11 healthcare entities. While three of those reported the attacks to the U.S. Department of Health & Human Services, the remaining didn’t disclose the incidents.
The bottom line
The days of ignoring cyber threats are long gone and the education sector needs to ramp up its cybersecurity initiatives. Maintaining suitable standards requires technical expertise and cybersecurity is no more a siloed internal IT issue.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_311463287.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/acd1_shutterstock_675458989.jpg)
