On December 10, 2020 the federal government released a Cybersecurity Advisory on threats targeting K-12 distance learning education to cause disruption and steal data. The joint advisory is a product of the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Mult-State Information Sharing and Analysis Center (MS-ISAC).
The threat details from the full cybersecurity advisory is available online: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data.
These federal entities have concluded that malicious cyber actors are targeting these institutions and have produced an increase in reported ransomware attacks, theft of data, and disruption of distance learning services. With the shift to remote/distance learning, threat actors likely view schools as targets of opportunity and will continue to pose a large risk through the 2020/2021 academic year.
There are four main threats the joint Cybersecurity Advisory points to as the FBI, CISA, and MS-ISAC have seen an increase in reports. These threats are:
- Ransomware Attacks
- DDoS Attacks
- Video Conference Disruptions
The ICN has helped numerous schools recently when it comes to protection from Distributed Denial of Service (DDoS) attacks in light of these increases. The first step customers can take in protecting themselves from the increased threat is to work with their ICN Account Consultant. There is very little information required (from a customer) to stand up the DDoS Mitigation security service. The only limitation is that customers must have ICN Internet service to protect assets such as internal networks, websites, web servers, etc.
Additionally, if you believe you are experiencing a DDoS attack, contacting the ICN’s Network Operations Center (NOC) for emergency help is also an option.
Network Services Bureau Chief