[BreachExchange] Ransomware and DDoS Attacks Disrupt More Schools

[Destry Winant]

https://www.databreachtoday.com/ransomware-ddos-attacks-disrupt-more-schools-a-14961

The start of classroom and online instruction at Hartford Public
Schools in Connecticut was canceled Tuesday as a result of a
ransomware attack - the latest in a series of online attacks that have
disrupted some schools' return to teaching this fall. Last week, for
example, online instruction at Miami-Dade County Public Schools in
Florida was disrupted by distributed denial-of-service attacks.

These districts join schools in Alabama, Oklahoma and New York, among
other locations, that have had their operations affected by some type
of online attack in recent weeks.

Cybersecurity professionals had been predicting a spike in ransomware
attacks this fall as new hybrid learning environments go online and
unpatched equipment that has spent months in the homes of students and
faculty is reconnected to school networks (see: As Classes Resume,
Schools Face Ransomware Risk).

Hartford Responds

Hartford canceled the first day of classroom instruction scheduled for
Tuesday, citing a ransomware attack discovered the previous day by the
Metro Hartford Information Services - the district's shared service
team that manages its infrastructure and network. The online attack
knocked school as well as city systems offline.

"We have been informed by Metro Hartford Information Services, our
city of Hartford shared services team, that manages our network
infrastructure, that the ransomware virus caused an outage of critical
systems and the restoration of those systems are not complete," school
officials say in a statement. "This includes the system that
communicates our transportation routes to our bus company and it is
preventing our ability to operate schools on Tuesday."

The district, in an update, says the computer system was restored
Tuesday with online and classroom instruction rescheduled to start on
Wednesday. Officials say no student or employee personal data was
accessed or stolen during the attack.

Hartford Mayor Luke Bronin, in a Tuesday press conference, said the
ransomware attack also affected the city's public safety system,
although its 911 service remained operational. The city recently
purchased new cybersecurity software, which Bronin credits with
helping limit the damage in this attack. And the city has purchased
cyber insurance for itself and the school district.

A ransom note was received but did not contain a specific monetary
demand, Bronin says, adding the city and school district have no
intention of contacting the attackers.

Miami-Dade Arrest

On Sept. 2, Miami-Dade schools cancelled online classes for 200,000
students due to a series of DDoS attacks, the district noted in a
tweet.

As a result of the attacks, the district switched to Zoom, Microsoft
Teams and other alternative systems for its distance learning classes
instead of its own applications. This is expected to continue until
Sept. 11.

The district reports one of its students was arrested in connection
with the attack.

"The student admitted to orchestrating eight distributed
denial-of-service attacks designed to overwhelm district networks,
including web-based systems needed for My School Online," district
officials said in a statement. "The student used an online application
to carry out these attacks and has been charged with computer use in
an attempt to defraud - a third-degree felony, and Interference with
an educational institution - a second-degree misdemeanor."

Universities Targeted

Universities are also being hit with fresh hack attacks this fall.

For example, the U.K.'s Newcastle University was targeted (see:
Report: UK Universities Vulnerable to Cyberattacks). And the
University of Utah recently paid a ransom to avoid the disclosure of
data that was stolen (see: University of Utah Pays Ransom to Avoid
Data Disclosure).