Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Pandemic Could Make Schools Bigger Targets of Ransomware Attacks
Newest First  |  Oldest First  |  Threaded View
tdsan
tdsan,
User Rank: Ninja
6/12/2020 | 9:50:06 AM
Re: Interesting post

Our students often made attacks on servers with grades and personal data...This factor should be legitimate and free. This is the right way to identify malicious attacks - lafnian1990,

I was not sure if you saw that, but I reiterated that we need to strike a balance between the kids and the admin staff to work together to address some of the issues found on the network, not just malicious attacks, but attacks that were found open from untrained staffe members who place IOT devices on the network and don't provide a "secured template" (this is from an admin perspective).

The kids on the other hand (who have been identified as being talented) need to be put in a sandbox (once they have been identified) so they can hack away, I do think learning comes from various sources but I don't think the kids need to be the only source of knowledge when it comes to malicious attacks, there needs to be an oversight group (remote monitoring), proper training, develop a sandbox for testing, educate the students about white-hat processes (provide them with proper guidance), follow system hardening practices (DISA Stigs) and work collaboratively together to identify potential holes.

Now this is the way as a group we need to mitigate attacks from various educational sectors, not just one source but a collective source of thought and guidance.

The Hacker School Experience | WIRED

T
tdsan
tdsan,
User Rank: Ninja
4/16/2020 | 2:01:13 PM
Interesting post
I think with the schools, it is the administrative staff that does not put emphasis (money) into the schools IT, education and training. They are more concerned with the bottom-line as opposed to external threats.

For example, a number of applications that I identified still had the admin user name and password, no one took the time to change it and there are a number of applications and devices that are still set to default settings, they just take it out fo the box, configure it for the network and attach it for kids to use.

Ransomware Hit Over 1,000 U.S. Schools in 2019

In addition, the kids who are in the schools have been causing some of the attacks because they have found holes or vulnerabilities where they continue to exploit and use for their own purposes.

What needs to happen is that for every device that enters into the school, there needs to be a preconfigured template they use (planning will play a big part) and then deploy the solution without intervention from the admin IT staff (that is usually one person who has been appointed to do the job), provide adequate training to people who have done this before and look into other applications other than Windows (someone said that if the schools would create a team of well trained students to help with the Ransomeware issue, they could help the admin staff - a type of project - address the IT needs, empowering the school and the kids as well).

Todd


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-34918
PUBLISHED: 2022-07-04
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an u...
CVE-2022-34829
PUBLISHED: 2022-07-04
Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service (application restart) via a crafted payload to the Mobile App Deployment API.
CVE-2022-31600
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and informat...
CVE-2022-31601
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure.
CVE-2022-31602
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure.