Recently, DDoS or “distributed denial of service” attacks have been launched against schools, preventing faculty and students from accessing important educational materials online.

DDoS attacks have long targeted industries like finance and banking where cybercriminals can gain access to important financial data. But now, even non-profit organizations such as healthcare and educational institutions are being victimized.

According to one report, by THE Journal, education is now the most targeted sector for malicious attacks beating out healthcare.

So, what is a DDoS Attack and why does it matter?

A DDoS attack occurs when cybercriminals overwhelm the network of an organization with unnecessary requests and traffic from several sources, preventing legitimate business from being fulfilled and exposing potential breach points. The sources are typically machines that have already been compromised and infected with botnet malware. You may recall the DDoS attack last October on personal use apps like Twitter and Netflix, which took those applications offline for almost an entire day.

But the goal isn’t only to bring applications offline. According to DigitalAttackMap.com, “Once infected, these machines can be controlled remotely, without their owners’ knowledge, and used like an army to launch an attack against any target.” While in the infected network, criminals can scrounge around for critical information such as social security and credit card numbers and other proprietary information.

 

Miami Dade School District is Attacked in June 2017

In the summer of 2017, a DDoS attack infiltrated the Miami-Dade school district. According to the Miami Herald, the cybercriminals “…infected the systems with malware…that turned off the logs recording who accessed the systems.”

Student social security information was part of the target, but not the only goal. The Miami Herald cited that the criminals were MoRo, a hacking group from Morocco, and penetrated the defenses of four different school district networks. Their main goal was to find their way into government organizations from the school systems, according to the Miami Herald and UDT (United Data Technologies) and search “…for some way to slip into other sensitive government systems, including state voting systems.”

Ultimately, the hackers were never able to find the information they so long sought.  But the attempted hacking “…exposed the vulnerabilities of Florida’s school district networks: vast computer systems that store sensitive information on thousands of students, and their parents, and could potentially provide a backdoor into other government systems,” reported the Miami Herald.

Students Attacking Schools:

In some cases, students are behind the DDoS and other types of cyberattacks.  In 2015, three high school seniors in New York were accused of hacking into their school’s computer system to change grades and schedules.

In a recent DiamondIT blog post, we reported that students are often instigators of ransomware attacks — halting school computer systems until a monetary ransom is paid.

 

Defending Against DDoS and Other Attacks:  Why School Districts are an Easy, Desirable Target

Today many school districts are using older networks and legacy hardware and software systems that make it easy to hack. These cybercriminals can then collect information such as social security numbers and credit card information from students and faculty.

The Miami Herald also notes, “Unlike corporations with trade secrets and data to protect, many school districts have set up systems to make connectivity easy. With free Wi-Fi in school buildings … there are thousands of opportunities for a hacker to gain access to a school network. Students downloading free apps on their phones or hopping from one school computer to the next can spread a computer virus faster than the flu during flu season.”

What Can be Done:

  • To defend against DDoS, some districts employ backup internet service providers to keep networks running and instruction uninterrupted.
  • According to EducationDive.com, “…School Districts are relying on…better firewall protections, new networking tools, and better network design.
  • Whether it is DDoS or ransomware or even phishing scams, such attacks can be incredibly disruptive, and experts suggest taking a proactive approach to cyber threats by educating staff on how to identify email or other scams, find the weak links in networks, and keeping protocols in place to ensure reliable backups exist in case of attack.

Educational Institutions must ensure their data is properly protected. CIPA (“Children’s Internet Protection Act”) was mandated by Congress in 2000 and non-compliance can cost schools needed funding.

Ransomware and other cyber threats are very real and happening with rapidly increasing frequency all over the globe. For more information on protecting your network, contact DiamondIT.