•   
  •   
  •   

Technology Ransomware: Sharp rise in attacks against universities as learning goes online

18:57  23 february  2021
18:57  23 february  2021 Source:   zdnet.com

Spain rejects virus confinement as most of Europe stays home

  Spain rejects virus confinement as most of Europe stays home Spain rejects virus confinement as most of Europe stays homeThe government has been tirelessly fending off drastic home confinement like the one that paralyzed the economy for nearly three months in the spring of 2020, the last time Spain could claim victory over the stubborn rising curve of cases.

a person using a laptop computer sitting on top of a table: Young student watching lesson online and studying from home. Young woman taking notes while looking at computer screen following professor doing math on video call. Latin girl student studying from home and watching teacher explaining math formula on video chat. © Getty Images/iStockphoto

Young student watching lesson online and studying from home. Young woman taking notes while looking at computer screen following professor doing math on video call. Latin girl student studying from home and watching teacher explaining math formula on video chat.

a close up of a screen © Provided by ZDNet
DDoS attacks and ransomware: How to protect yourself against them
Watch Now

The number of ransomware attacks targeting universities has doubled over the past year and the cost of ransomware demands is going up as information security teams struggle to fight off cyberattacks.

Analysis of ransomware campaigns against higher education found that attacks against universities during 2020 were up 100 percent compared to 2019, and that the average ransom demand now stands at $447,000.

Hillicon Valley: Biden picks stress need for cybersecurity in confirmation hearings | FTC chairman to step down this month | Progressives warn against appointing tech insiders to key antitrust roles

  Hillicon Valley: Biden picks stress need for cybersecurity in confirmation hearings | FTC chairman to step down this month | Progressives warn against appointing tech insiders to key antitrust roles Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter with this LINK.Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.BIDEN NOMINEES ZERO IN ON CYBER: President-elect Joe Biden's nominees to serve as secretary of the Department of Homeland Security (DHS) and as director of national intelligence (DNI) on Tuesday both zeroed in on cybersecurity as being a major priority if confirmed.

More on privacy

  • Microsoft to apply California's privacy law for all US users
  • Mind-reading technology: The security and privacy threats ahead
  • How to replace each Google service with a more privacy-friendly alternative
  • Cyber security 101: Protect your privacy from hackers, spies, and the government

The sharp rise in the number of ransomware attacks, combined with the six-figure sums ransomware gangs demand in exchange for the decryption key means ransomware represents the number one cybersecurity threat for universities, according to the research by tech company BlueVoyant.

SEE: Network security policy (TechRepublic Premium)

Ransomware is a problem across all sectors, but for higher education it currently represents a particular problem because the ongoing COVID-19 pandemic means that students are receiving their teaching online while many academics are also working from home.

Teachers push back, churches in court, National Guard: News from around our 50 states

  Teachers push back, churches in court, National Guard: News from around our 50 states How the COVID-19 pandemic is affecting every stateStart the day smarter. Get all the news you need in your inbox each morning.

Overstretched IT departments might not have the ability to fully address security, providing cyber criminals with an opening to exploit.

"Operating in the middle of the pandemic provides even greater opportunity for the adversary," Austin Berglas, global head of professional services at BlueVoyant told ZDNet.

Berglas said IT staff are already busy ensuring students and staff have the necessary tools to conduct remote learning, from device configurations and the installation of new software and cameras to assisting end users that are having problems with the new technology. "These schools may not have the resources to properly secure the network," he said.

That means that universities could be considered an easy target for cyber attackers – and the lack of IT resources, combined with students and staff being reliant on the network being available, means that many victims of ransomware attacks in higher education will consider paying a ransom demand of hundreds of thousands of dollars in Bitcoin in order to restore the network as quickly as possible.

US school districts: Where the top ones stand with online and classroom learning

  US school districts: Where the top ones stand with online and classroom learning In the effort to balance health, jobs and quality education, the nation's biggest school districts are divided on how to teach students this semester. © AAron Ontiveroz/The Denver Post/Getty Images Of the 20 largest school districts: -- 9 are teaching entirely online. -- 8 offer fully in-person learning and a choice of fully online learning. (Several of these districts are in Florida, where the governor ordered schools to offer classroom learning.) -- 2 have a hybrid plan, with some virtual and some classroom instruction. -- 1 has a combination of plans, depending on the infection rates.

Researchers suggest that in many cases, cyber criminals are specifically targeting universities because they perceive them to be a soft target, and one from which it is easier to extract a ransom payment than businesses in other areas, which might potentially provide more lucrative targets, but that require more effort from attackers.

According to the report, more than three-quarters of the universities studied had open remote desktop ports, and over 60% had open database ports – both of which provider cyber attackers with an entry point into networks and a means to eventually deliver and execute ransomware attacks.

SEE: Phishing: These are the most common techniques used to attack your PC

While cyberattacks and ransomware continue to pose a threat to universities – and will continue to do so even after in-person teaching resumes – there are things that can be done in order to improve cybersecurity and reduce the chances of falling victim to malicious hackers.

This includes applying multi-factor authentication across all email accounts, so if cyber criminals can breach login credentials, it's much more difficult to exploit them for access around the network.

Data breaches fell in 2020, but identity thieves still raked in billions

  Data breaches fell in 2020, but identity thieves still raked in billions On Data Privacy Day, here's a reminder that breaches can affect you long after your data is stolen.The report, issued to coincide with Data Privacy Day, is a good reminder that stolen personal data has a long afterlife. After you file away a data breach notification, you'll remain at risk of becoming the victim of identity theft or a ransomware attack for a long time to come. Now is as good a time as ever to check your credit reports, health insurance records and bank accounts for anything suspicious. If you think you might be the victim of identity theft, you can contact the US Fair Trade Commission and the Identity Theft Resource Center for help.

"Ensure multi-factor authentication using a single sign-on solution. Multi-factor authentication will prevent the majority of phishing attacks, which is one of the top ways ransomware is being deployed," said Berglas.

It's also recommended that universities monitor networks for abnormal behaviour, such as fast logins or logins to multiple accounts from the same location, as that could indicate suspicious activity.

MORE ON CYBERSECURITY

  • University warns that 'serious cyber incident' could take weeks to fix
  • How ransomware attackers are doubling their extortion tactics TechRepublic
  • University of California SF pays ransomware hackers $1.14 million to salvage research
  • FBI and European law enforcement shut down VPN used by ransomware groups CNET
  • Ransomware: Attacks could be about to get even more dangerous and disruptive

Kia and Hyundai recovering from days-long network outages .
BOSTON (AP) — Kia Motors America says it’s restoring services crippled by a computer network outage that began Saturday and which apparently affected dealers’ ability to order vehicles and parts and knocked offline a smartphone app that owners use to remotely start and warm up vehicles. Both Kia and affiliated automaker Hyundai Motor America, which reported a less severe IT outage it said also began Saturday, said they had no evidence the problems were caused by ransomware. Neither would provide an explanation for what caused them.

usr: 0
This is interesting!