Ransomware and DDoS is on the Rise: Tips for Distance Learning in 2021
The holidays have come and gone, and students returned to the virtual classroom. But according to the FBI, cyberattacks are likely to disrupt online learning in the new year. As of December 2020, the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and MS-ISAC continue to receive reports from K-12 educational institutions about the disruptions caused by cyberthreats, primarily ransomware and Distributed Denial of Service (DDoS). To protect their education and digital lives, distance learners will need to stay vigilant when it comes to ransomware and DDoS attacks. Let’s dive into the impact these threats have on the K-12 education system now that more people are plugged in as a result of distance learning.
Hackers Hold Education for Ransom
Of all the attacks plaguing K-12 schools this year, ransomware has been a particularly aggressive threat. Ransomware attacks typically block access to a computer system or files until the victim pays a certain amount of money or “ransom.” The FBI and the CISA issued a warning that showed a nearly 30% increase in ransomware attacks against schools. In August and September, 57% of ransomware incidents involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July. And it’s unlikely that hackers will let up anytime soon. Baltimore County’s school system was recently shut down by a ransomware attack that hit all of its network systems and closed schools for several days for about 111,000 students. It wasn’t until last week that school officials could finally regain access to files they feared were lost forever, including student transcripts, first-quarter grades, and vital records for children in special education programs.
According to to ZDNet, the five most active ransomware groups targeting K-12 schools are Ryuk, Maze, Nefilim, AKO, and Sodinokibi/REvil. Furthermore, all five of these ransomware families are known to run “leak sites,” where they dump data from victims who don’t pay the ransom. This creates a particularly dangerous problem of having student data published online. To prevent distance learning disruption, students and educators need to understand the effects of ransomware on school systems and take steps to prevent the damage caused by this threat.
DDoS Attacks Disrupt the Distance Learning
An increase in ransomware attacks isn’t the only problem that K-12 schools are facing. The CISA and the FBI warned those participating in distance learning to protect themselves against other forms of cyberattacks such as Distributed Denial of Service (DDoS). DDoS is a method where hackers flood a network with so much traffic that it cannot operate or communicate as it normally would.
According to Dark Reading, Miami-Dade County Public Schools experienced significant disruptions during their first three days of distance learning for the 2020-2021 school year, thanks to a series of DDoS attacks. The school system stated it had already experienced more than a dozen DDoS attacks since the start of the school year. Sandwich Public Schools in Massachusetts were also knocked offline by a DDoS attack. When school systems fall victim to DDoS attacks, students can lose access to essential documents, files, or online platforms that they need to complete assignments. And with many students relying heavily on distance learning systems, losing access could put them behind.
Delete Disruptions: Follow These Security Tips
In an effort to create a standardized framework for dealing with ransomware attacks across verticals – including education – McAfee has teamed up with Microsoft to lead the Ransomware Task Force, along with 17 other security firms, tech companies, and non-profits. And while we’re taking critical actions to decrease the threat of ransomware attacks, there are other steps you can take to prevent ransomware and DDoS attacks from interrupting your distance learning experience. Follow these tips to take charge of your education and live your digital life free from worry:
Don’t pay the ransom
Many ransom notes seem convincing, and many only request small, seemingly doable amounts of money. Nevertheless, you should never pay the ransom. Paying does not promise you’ll get your information back, and many victims often don’t. So, no matter how desperate you are for your files, hold off on paying up.
Do a complete backup
With ransomware attacks locking away crucial data, it’s important to back up your files on all your machines. If a device becomes infected with ransomware, there’s no promise you’ll get that data back. Ensure you cover all your bases and have your data stored on an external hard drive or in the cloud.
Use decryption tools
No More Ransom – an initiative that teams up security firms, including McAfee, and law enforcement – provides tools to free your data, each tailored for a specific type of ransomware. If your device gets held for ransom, start by researching what type of ransomware it is. Then, check out No More Ransom’s decryption tools and see if one is available for your specific strain.
Secure your router
Your Wi-Fi router is the gateway to your network. Secure it by changing the default password. If you aren’t sure how to do this, consult the internet for instructions on how to do it for your specific make and model, or call the manufacturer. Solutions like McAfee Secure Home Platform, which is embedded within select routers, can help you easily manage and protect your network from DDoS attacks and more.
Change default passwords on IoT devices
A lot of internet of things (IoT) devices come with default usernames and passwords. After taking your IoT device out of the box, the first thing you should do is change those default credentials. If you’re unsure of how to change the default setting on your IoT device, refer to setup instructions or do a bit of research online.
Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.