The consulting firm EdTech Strategies, LLC, based in Virginia, reported that at least 289 school districts across the United States have suffered cyber incidents this year, as hackers have set their sites on compromising the vulnerable new protocol of “distance learning” for a variety of reasons ranging from community chaos to money extortion.
The Wall Street Journal reported on the growing threat, noting that while this year’s number of attacks are still lower than last year’s, they have surged over the past 2 months. Some districts have been hit by ransomware, like Southern California’s Newhall School District which was forced to shut down for 5 days while it rebooted its network, leaving 6,000 students without school for a week. Amateur cybercriminals are participating as well, such as the Miami high schooler who overloaded his own school district with a DDoS attack.
Avast Security Evangelist Luis Corrons commented that the attacks are not surprising at all. “The attack surface is huge. It doesn’t just include the servers and computers of all the staff, but also all the devices that students use. Protecting those and having them updated is complicated – even more when most schools do not have a proper IT team in place.”
While resources and guidance exist for the students who are learning from home, like a breakdown of the tech and life skills required for distance learning and a guide to the cybersecurity that protects the home learning system, but school districts are strapped with notoriously low budgets and usually no IT department. In an effort to improve cybersecurity for schools, some Washington lawmakers introduced a bill just last week asking for a $400 million grant. While they wait to see if it passes, educators around the country are finding themselves wearing multiple hats, performing their official duties as well as those of IT specialists.
6 Russian hackers indicted for myriad attacks
The FBI has gathered sufficient intelligence to indict 6 Russian GRU operatives for cybersecurity conspiracies that include damaging the infrastructure of Ukraine, destabilizing of the country of Georgia, undermining France’s presidential election, and attacking the 2020 Olympics in Tokyo. The indictment is the result of lengthy investigations by the FBI in cooperation with the Five Eyes alliance, as well as support from Google, Cisco, Facebook, and Twitter. Read more on The Guardian.
Photoshop amps up the AI
This week, Adobe released an update to Photoshop version 22.0 with new features that make the image editing software one of the most advanced consumer-facing AI toolboxes to date. Included in the update is a suite of what Adobe calls “neural filters” – AI overlays and effects that can cause deep fakes in portraits by changing things like age and facial expression, even amplifying or reducing feelings such as joy, surprise, and anger. The Verge reported that Photoshop has an advantage in the field thanks to its sizable catalog of stock images, which provides an array of examples diverse enough in age, race, size, and shape to overcome the typical racial biases endemic in facial recognition AI.
Beware the new “Windows Update” scam
The Emotet botnet has been relatively inactive for a while, but it returned last week in force with a worldwide malware campaign. The newest scam disguises itself as a Windows update message, urging users to update by clicking an “Enable Editing” and “Enable Content” button provided in the email. Clicking these will open up malicious macros that immediately infect the users’ systems with Emotet malware, usually resulting in a full ransomware takeover of the systems. Bleeping Computer reported that the malware is considered the most widely spread in the world, and you can learn more about it in our Avast deep dive into Emotet.
Phishing emails spoof Microsoft, DHL, Apple
Researchers studying phishing attacks in 2020 found that Microsoft jumped from the #6 most spoofed company in the 2nd quarter this year to the #1 most spoofed company in the 3rd quarter. Phishing emails trying to trick users into downloading malware onto their systems took the form of a phony Microsoft message in about 20 percent of cases worldwide. The second most spoofed companies were DHL and Apple, both tied with 9 percent of cases worldwide. The cybercriminals’ switch in tactics to impersonating these companies is due to the billions of users around the globe who began working from home during the pandemic. Read more on ThreatPost.
This week’s ‘must-read’ on The Avast Blog
More parents are having conversations about online safety with their kids since the Covid-19 pandemic started. According to the Avast Kids Online: Generation Lockdown survey, 47 percent of parents are having more of these conversations since going into lockdown and spending more time online. Read up on how to make online safety and security regular conversation topics with your kids.
*** This is a Security Bloggers Network syndicated blog from Blog | Avast EN authored by Avast Blog. Read the original post at: https://blog.avast.com/hackers-target-distance-learning-systems-avast