FBI alerts schools to ransomware threat
- By Mark Rockwell
- Feb 07, 2018
Student records hold a trove of personal data -- from basic contact information to sensitive behavioral reports and private health information, making them an attractive target for hackers.
A hacker group called TheDarkOverlord has been trying to sell private records extorted from almost 100 schools and businesses, according to a recent warning by the FBI and the Department of Education inspector general.
TDO used remote access tools to break into school district networks and steal sensitive data. It then threatened to release or sell the sensitive data – and even warned of school shootings -- unless ransom was paid.
As of this January, the group was responsible for 69 intrusions into schools and other businesses and the attempted sale of almost 100 million records containing personally identifiable information. According to the notice, TDO has already released 200,000 records on more than 7,000 students.
The FBI said it does not recommend schools make a ransom payment when they're threatened, as it does not guarantee they will regain access to data. Instead, the FBI wants schools targeted by the hacker group to contact law enforcement, preserve the evidence of threats and keep a detailed timeline.
Additionally, the FBI said, schools must do a better job of protecting their networks and data, including auditing and restricting remote access, implementing a backup and recovery plan and apply software or firmware updates as soon as possible.
This article was first posted to FCW, a sibling site to GCN.
Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.
Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.
Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.
Click here for previous articles by Rockwell.
Contact him at firstname.lastname@example.org or follow him on Twitter at @MRockwell4.