"Hackers looking to exploit sensitive information for profit are increasingly targeting the nation’s schools, where they are finding a relatively weak system to protect a valuable asset: student data.
"Cyberthieves have struck more than three dozen school systems from Georgia to California so far this year, stealing paychecks and data or taking over networks to extort money. The thefts have prompted many school officials to hire cyber security consultants to fight back against a trend that experts say is growing fast.
"The attackers have gained access to servers containing student names, addresses, social security numbers, birth dates, academic performance, phone numbers and medical and discipline records—in some cases releasing data in an escalating series of demands and actions.
"A few districts, betting that surrender would be cheaper and easier than defeating a hack, have gone against FBI advice and paid off the hackers.
“They know that cyber craziness is not our game, and they are winning,” said Laura Sprague, a spokeswoman in the Johnston Community School District in Iowa, where hackers this month publicly released student information. “These groups are targeting some of the most vulnerable people in the nation—kids.”
"Cyber experts say as schools rush to ramp up the use of technology in the classroom, they haven’t done enough to protect an easily monetized trove of data on students.
“Bad guys can use that information to create fake identities and things like that, and that information can be sold on the black market for a lot of money,” said Zuly Gonzalez, a former cybersecurity expert with the National Security Agency and CEO of Light Point Security in Maryland. Full Story at the WSJ.
Free Phish Alert Button
When new spear phishing campaigns hit your organization, it is vital that IT staff be alerted immediately. One of the easiest ways to convert your employees from potential targets and victims into allies and partners in the fight against cybercrime is to roll out KnowBe4's free Phish Alert Button to your employees' desktops. Once installed, the Phish Alert Button allows your users on the front lines to sound the alarm when suspicious and potentially dangerous phishing emails slip past the other layers of protection your organization relies on to keep the bad guys at bay.
Don't like to click on redirected links? Cut & Paste this link in your browser: