How hackers exploit ransomware attacks within school systems amidst COVID-19

As COVID-19 explodes within the United States, hackers are using the pandemic to attack school systems on an alarmingly expansive scale. Because COVID continues to spread, many school districts across the nation plan to continue online classes into the spring. This pattern has been frustrating to students and parents alike. It’s been particularly bad for graduating seniors looking to enter the labor market as jobs are rapidly diminishing and student loan debt remains.

Hackers are acutely aware of how to exploit this situation through ransomware attacks. This has been widely publicized and confirmed, yet there seems to be no end in sight. Schools have enough to worry about educating the students without learning how to thwart hackers trying to take advantage of the nationwide chaos brought about by the pandemic.

The Maryland office of legislative audits recently conducted a study of the school district’s cybersecurity controls, revealing numerous weaknesses. The Baltimore public school systems failed to ensure that employees’ access rights to automated financial systems were adequately controlled. This led to unauthorized access to Personal Identifiable Information (PII.) There were approximately 26 publicly accessible servers that were not adequately protected within the internal network, including inappropriately placed firewalls. Insufficient protections led to improper access to the servers by students using wireless connections and high school computer labs.

The COVID-19 pandemic has been an unprecedented driver of the need to facilitate online learning as a viable alternative to physical classrooms. Hackers are fully aware that the schools are overwhelmed making this switch, which presents ample opportunity for exploiting a school’s security weaknesses to leverage ransomware attacks.

The solution is for schools to conduct an internal audit of all security controls, as well as review each of the following:

• Authorized privileges for all employees

• Firewall placement within the network

• All software end-of-life dates

• All anti-virus endpoint protection devices to ensure various malware or Trojan horse viruses are recognized before being accepted into the network as potential spam