Cyberattack against Regina Public Schools likely ransomware

Cyberattack against Regina Public Schools likely ransomware


New information has surfaced about the recent cyberattack on Regina’s public schools, which has forced it to shut down all Internet-based systems, such as email and other educational tools.

CBC News reviewed a copy of a note that appeared on computers that were part of the school district’s network.

The note says it comes from an organization called BlackCat / ALPHV, which experts say is well known for using ransomware attacks.

The note alleges that 500 gigabytes of files belonging to Regina’s public schools have been encrypted and that the group now has copies of data ranging from tax and health information reports to passports and social security numbers. .

“I think it’s a serious breach. There’s no doubt about it,” said Alec Couros, a professor of educational technology and media at Regina University.

What is ransomware?

David Shipley, a New Brunswick-based cybersecurity expert, told CBC News that ransomware is the number one threat to organizations operating in the digital world.

Ransomware is malicious software that encrypts data and allows information to be kept safe. Then, the person or group behind the attack offers to reverse the encryption in exchange for cash or, more commonly these days, cryptocurrency.

“It can also be used to paralyze devices and make it impossible to use the computer systems of a modern organization. It stops any organization, be it a business, a hospital, a school, even a full stop,” Shipley said Friday. .

David Shipley is the CEO of Beauceron Security CEO and a cybersecurity expert. (Jonathan Collicott / CBC)

Ransomware can enter an organization’s systems in multiple ways, Shipley said.

They may include fishing emails that trick someone into providing access, insecure remote network access, or patchless servers and systems.

Although the school division has said the attack began on Sunday, it has indicated how it started.

LISTEN | The battle against ransomware

6:38The battle against ransomware

Technology columnist Mohit Rajhans says the battle against ransomware attacks is becoming more sophisticated.

BlackCat / ALPHV is a criminal gang formerly known as DarkSide, which closed a U.S. gas pipeline last year.

The response to that cyberattack and the attention it drew has meant a brand change for the organization, which operates on a global scale.

“They have a sophisticated business model and are brutal in what they do,” said Shipley, who describes BlackCat / ALPHV as well-funded and well-resourced.

In March, the FBI reported that the organization had compromised at least 60 entities worldwide through ransomware attacks.

Fears of teachers

The cyberattack on Regina’s public schools has worried many teachers about what kind of data they have been exposed to, according to Patrick Maze, president of the Saskatchewan Teachers’ Federation.

“There are some concerns about confidential material that may be violated,” Maze said.

“We know that there is a lot of student data that keeps the school divisions going, and we know that there is also, of course, staff data … that would contain financial information and confidential personal information.”

Patrick Maze says teachers have expressed concern that their information is being exposed because of the cyber attack on Regina’s public schools. (Bryan Eneas / CBC)

The impact on day-to-day teaching is difficult to assess. Many of the online tools on which teachers depended throughout the pandemic and remote learning have disappeared.

The attack could not have come at a worse time. The school year ends in Saskatchewan and this means that grades will have to be done soon.

Online systems that store grades or allow teachers to record progress are not currently available. Even the attendance program is offline, forcing teachers to go back to pencil and paper.

“It’s a difficult time for staff and we just hope they can get over it and preserve the maximum work of students and conduct final assessments in the most efficient way possible,” Maze said.

What happens now?

Shipley said the school district did the right thing by isolating and immediately shutting down its online systems in an attempt to limit the scale of the attack.

The school division has limited options for retrieving its data, Shipley and Couros said. Shipley stressed that even if the ransom is paid, there is never a guarantee that the data will be delivered.

Other options include rebuilding the entire network with backups, which Saint John City Council decided to do in 2020 instead of paying the ransom, which is estimated to be worth between $ 17 million and $ 20 million in Bitcoin.

TARGET | Cyberattack on NL Health System, the Worst in Canadian History: Expert

Cyberattack on NL Health System, the Worst in Canadian History: Expert

A cybersecurity expert says the cyber attack on the Newfoundland and Labrador health system may be the worst in Canadian history and has implications for national security.

Shipley said the timeline for rebuilding networks from backups could be weeks or months. Couros said criminal organizations can set long-term deadlines or threaten to delete or filter information in the short term.

“This puts a lot of pressure on acting quickly, especially if it’s a credible threat, and makes it very difficult to find out exactly what has been taken, because you may not know the full extent of penetration into your systems.” . said Couros.

Only Regina Public Schools and the cybersecurity experts they have hired to help know what solution they have chosen and what timeline the criminal organization has given them.

No requests for feedback have been returned with Regina’s public schools left during this week.



Source link

Related post

EDUCAUSE 2022: How Data Collection Can Improve Student and Faculty IT Support

EDUCAUSE 2022: How Data Collection Can Improve Student and…

At Indiana University, Gladdin said, to make life easier for students and faculty, they implemented a course template for the Canvas…
UGC, AICTE warn students against online PhD programmes offered by EdTech platforms | Latest News India

UGC, AICTE warn students against online PhD programmes offered…

The University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) on Friday issued a joint advisory against…
UGC, AICTE warn students against online PhD programmes offered by EdTech platforms | Latest News India

UGC, AICTE warn students against online PhD programmes offered…

The University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) on Friday issued a joint advisory against…

Leave a Reply

Your email address will not be published.