Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Pandemic Could Make Schools Bigger Targets of Ransomware Attacks
Threaded  |  Newest First  |  Oldest First
tdsan
50%
50%
tdsan,
User Rank: Ninja
4/16/2020 | 2:01:13 PM
Interesting post
I think with the schools, it is the administrative staff that does not put emphasis (money) into the schools IT, education and training. They are more concerned with the bottom-line as opposed to external threats.

For example, a number of applications that I identified still had the admin user name and password, no one took the time to change it and there are a number of applications and devices that are still set to default settings, they just take it out fo the box, configure it for the network and attach it for kids to use.

Ransomware Hit Over 1,000 U.S. Schools in 2019

In addition, the kids who are in the schools have been causing some of the attacks because they have found holes or vulnerabilities where they continue to exploit and use for their own purposes.

What needs to happen is that for every device that enters into the school, there needs to be a preconfigured template they use (planning will play a big part) and then deploy the solution without intervention from the admin IT staff (that is usually one person who has been appointed to do the job), provide adequate training to people who have done this before and look into other applications other than Windows (someone said that if the schools would create a team of well trained students to help with the Ransomeware issue, they could help the admin staff - a type of project - address the IT needs, empowering the school and the kids as well).

Todd
tdsan
50%
50%
tdsan,
User Rank: Ninja
6/12/2020 | 9:50:06 AM
Re: Interesting post

Our students often made attacks on servers with grades and personal data...This factor should be legitimate and free. This is the right way to identify malicious attacks - lafnian1990,

I was not sure if you saw that, but I reiterated that we need to strike a balance between the kids and the admin staff to work together to address some of the issues found on the network, not just malicious attacks, but attacks that were found open from untrained staffe members who place IOT devices on the network and don't provide a "secured template" (this is from an admin perspective).

The kids on the other hand (who have been identified as being talented) need to be put in a sandbox (once they have been identified) so they can hack away, I do think learning comes from various sources but I don't think the kids need to be the only source of knowledge when it comes to malicious attacks, there needs to be an oversight group (remote monitoring), proper training, develop a sandbox for testing, educate the students about white-hat processes (provide them with proper guidance), follow system hardening practices (DISA Stigs) and work collaboratively together to identify potential holes.

Now this is the way as a group we need to mitigate attacks from various educational sectors, not just one source but a collective source of thought and guidance.

The Hacker School Experience | WIRED

T


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...
CVE-2016-6556
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This iss...
CVE-2021-40654
PUBLISHED: 2021-09-24
An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page