Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Pandemic Could Make Schools Bigger Targets of Ransomware Attacks
Oldest First  |  Newest First  |  Threaded View
tdsan
50%
50%
tdsan,
User Rank: Ninja
4/16/2020 | 2:01:13 PM
Interesting post
I think with the schools, it is the administrative staff that does not put emphasis (money) into the schools IT, education and training. They are more concerned with the bottom-line as opposed to external threats.

For example, a number of applications that I identified still had the admin user name and password, no one took the time to change it and there are a number of applications and devices that are still set to default settings, they just take it out fo the box, configure it for the network and attach it for kids to use.

Ransomware Hit Over 1,000 U.S. Schools in 2019

In addition, the kids who are in the schools have been causing some of the attacks because they have found holes or vulnerabilities where they continue to exploit and use for their own purposes.

What needs to happen is that for every device that enters into the school, there needs to be a preconfigured template they use (planning will play a big part) and then deploy the solution without intervention from the admin IT staff (that is usually one person who has been appointed to do the job), provide adequate training to people who have done this before and look into other applications other than Windows (someone said that if the schools would create a team of well trained students to help with the Ransomeware issue, they could help the admin staff - a type of project - address the IT needs, empowering the school and the kids as well).

Todd
tdsan
50%
50%
tdsan,
User Rank: Ninja
6/12/2020 | 9:50:06 AM
Re: Interesting post

Our students often made attacks on servers with grades and personal data...This factor should be legitimate and free. This is the right way to identify malicious attacks - lafnian1990,

I was not sure if you saw that, but I reiterated that we need to strike a balance between the kids and the admin staff to work together to address some of the issues found on the network, not just malicious attacks, but attacks that were found open from untrained staffe members who place IOT devices on the network and don't provide a "secured template" (this is from an admin perspective).

The kids on the other hand (who have been identified as being talented) need to be put in a sandbox (once they have been identified) so they can hack away, I do think learning comes from various sources but I don't think the kids need to be the only source of knowledge when it comes to malicious attacks, there needs to be an oversight group (remote monitoring), proper training, develop a sandbox for testing, educate the students about white-hat processes (provide them with proper guidance), follow system hardening practices (DISA Stigs) and work collaboratively together to identify potential holes.

Now this is the way as a group we need to mitigate attacks from various educational sectors, not just one source but a collective source of thought and guidance.

The Hacker School Experience | WIRED

T


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Data Breaches Affect the Enterprise
Data breaches continue to cause negative outcomes for companies worldwide. However, many organizations report that major impacts have declined significantly compared with a year ago, suggesting that many have gotten better at containing breach fallout. Download Dark Reading's Report "How Data Breaches Affect the Enterprise" to delve more into this timely topic.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-43695
PUBLISHED: 2021-11-29
An unspecified version of issabelPBX is affected by a Cross Site Scripting (XSS) vulnerability. In file page.backup_restore.php, the exit function will terminate the script and print the message to the user. The message will contain $_REQUEST without sanitization, then there is a XSS vulnerability.
CVE-2021-43696
PUBLISHED: 2021-11-29
An unspecified version of twmap is affected by a Cross Site Scripting (XSS) vulnerability. In file list.php, the exit function will terminate the script and print the message to the user. The message will contain $_REQUEST then there is a XSS vulnerability.
CVE-2021-43697
PUBLISHED: 2021-11-29
An unspecified version of Workerman-ThinkPHP-Redis is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET{C('VAR_JSONP_HANDLER')] then there is a XSS vulner...
CVE-2021-43698
PUBLISHED: 2021-11-29
An unspecified version of phpWhois is affected by a Cross Site Scripting (XSS) vulnerability. In file example.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET['query'] then there is a XSS vulnerability.
CVE-2021-24918
PUBLISHED: 2021-11-29
The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did not have any privilege or nonce validation before saving the plugin's setting. As a result, any logged-in user on a vulnerable site could update the settings and store rogue JavaScript on each of its posts and pages.