What school leaders need to know about organized cybercrime

Cyberattacks against K-12 schools continue to climb in both number and scale. Such attacks can have serious repercussions; according to a recent report from the Government Accountability Office, “officials from state and local entities reported that the loss of learning following a cyberattack ranged from three days to three weeks, and recovery time ranged from two to nine months.”

These attacks aren’t just being carried out by disgruntled students or “lone wolf” types. Increasingly, schools are becoming targets of organized cybercrime organizations. The FBI, CISA and the MS-ISAC issued warnings at the start of this school year, anticipating attacks may increase as criminal ransomware groups perceive opportunities for successful attack.

The rise of Ransomware-as-a-Service

Many of the recent prominent attacks against schools have been perpetrated by organized crime – and they’re often using what’s known as Ransomware-as-a-Service (RaaS). This is a subscription-based model that allows partners (affiliates) to use ransomware tools that someone else has already developed. The affiliates earn a percentage of the profits if the attack is successful, so there’s plenty of incentive. RaaS makes it easier to pull off more attacks more quickly, which has made it very popular.

Recent research found that ransomware threats remained at peak levels in the latter half of 2022 – with new variants being enabled by RaaS. In 2022, 82 percent of financially motivated cybercrime involved the employment of ransomware or malicious scripts. And not only are bad actors continuing to introduce new strains of ransomware, but they’re also upgrading, modifying, and reusing old ones. The result: Attacks that are more complex and damaging. RaaS appears to be the driving force behind it all.

RaaS is an indicator of what’s to come

The dark web is starting to host an increasing number of additional attack vectors as a service, and this will significantly increase the availability of what’s known as

Cybercrime-as-a-Service (CaaS). It includes new criminal strategies, such as the sale of access to already-compromised targets, will develop in addition to the sale of ransomware and other malware-as-a-service offers.

1 2 Next

Author
Recent Posts

eSchool Media Contributors

Bob Turner, Field CISO for Education, Fortinet

Bob Turner has years of experience as a higher education executive, board member, and thought leader with a focus on cybersecurity strategy and leadership, information assurance and business continuity planning, and information technology management. At Fortinet, he is the CISO for K-12 and higher education acting as a senior level strategic business and technical advisor for the cybersecurity community and business executives. Previously, Turner was a cybersecurity executive and Director of the Office of Cybersecurity reporting to the Chief Information Officer/Vice Provost for Information Technology at the University of Wisconsin at Madison. There, he built a cybersecurity team of 60+ cybersecurity experts delivering all cybersecurity services as well as improved university IT policy development by working with distributed IT and faculty governance groups to ensure cohesive approach to IT policy, governance, audit, and cybersecurity operations.

Latest posts by eSchool Media Contributors (see all)

3 ways to leverage tech for better student mental health - June 6, 2023
Safeguarding K-12 school networks with proactive cybersecurity approaches - June 6, 2023
Outsourcing student assessments can revitalize teaching - June 5, 2023

6 benefits of immersive learning with the metaverse

The metaverse is a tool that blends experiences typically associated with either the virtual or physical worlds. It can deliver greater immersive learning for students while also creating some new and exciting teaching opportunities. For educators, it is crucial to not only understand what the metaverse is and its uses within education but to also realize the benefits of immersive learning with the metaverse.

Building a Successful Certification Program at Your Institution

In a world where competition for jobs, pay increases, and academic success continues to increase, certifications offer hope to candidates and educators. Certification helps to build a skilled workforce that meets the needs of local employers and government tech initiatives.

Sign up for our K-12 newsletter

Global Impact STEM Academy Senior Receives Inaugural Waklatsi Service Scholarship

Intervene K-12 Receives $150,000 Grant From National Nonprofit Accelerate To Make High-Impact Tutoring Sustainable And Cost-Effective

New Evidence for the Every Student Succeeds Act (ESSA) Rating Reiterates i-Ready® Instruction’s Impacton Driving Student Outcomes

BookNook Names Education Veteran Jared Harless Chief Product Officer

CAE and Pearson Partner to Bring Critical Thinking Assessment to Secondary Education Students

Sign up for our K-12 newsletter

Login