New Microsoft emergency updates fix Windows Server auth issues
7 million Robinhood user email addresses for sale on hacker forum
FBI system hacked to email ‘urgent’ warning about fake cyberattacks
High severity BIOS flaws affect numerous Intel processors
New Rowhammer technique bypasses existing DDR4 memory defenses
Emotet malware is back and rebuilding its botnet via TrickBot
Alibaba ECS instances actively hijacked by cryptomining malware
High severity BIOS flaws affect numerous Intel processors
Qualys BrowserCheck
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Search Redirect
Remove the Search Redirect
Remove the Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
IT Certification Courses
Gear + Gadgets
US Education Dept urged to boost K-12 schools' ransomware defenses
The US Department of Education and Department of Homeland Security (DHS) were urged this week to more aggressively strengthen cybersecurity protections at K-12 schools across the nation to keep up with a massive wave of attacks.
The call for action comes from US Senators Maggie Hassan (D-NH), Kyrsten Sinema (D-AZ), Jacky Rosen (D-NV), and Chris Van Hollen (D-MD).
It was prompted by a Government Accountability Office (GAO) report released on Friday, assessing the Education Dept’s current plan for addressing K-12 school threats — issued in 2010 — to be significantly outdated and primarily focused on mitigating physical threats.
“K-12 schools are increasingly coming under cyberattacks from a diverse set of actors, driven largely by the rapid rise of ransomware,” the four US Senators said.
“According to a database of publicly reported cybersecurity incidents at K-12 schools, 2019 saw almost three times more incidents than 2018 and 2020 saw a further 18 percent increase over 2019. These incidents include ransomware attacks on school districts in New Hampshire, Nevada, Arizona, and Maryland.”
For context on the impact of ransomware on US education institutions throughout 2021, ransomware attacks have disrupted education at roughly 1,000 universities, colleges, and schools since the start of the year, according to Emsisoft threat analyst Brett Callow.
While this number is lower than in 2020 (when 1,681 education institutions were hit), it’s mostly because ransomware attacks have hit smaller school districts this year.
GAO found that the two government agencies have provided K-12 schools with programs, services, and support (e.g., incident response assistance, network monitoring tools, and guidance for parents and students) designed to help defend themselves from these ongoing attacks.
However, it’s more than evident that K-12 education needs additional support, as shown by the growing number of successful cybersecurity breaches affecting K-12 schools.
To address this issue, GAO asked the Department of Education to schedule a meeting with the Cybersecurity and Infrastructure Security Agency (CISA) to decide how to update its sector-specific risk mitigation plan and determine if sector-specific guidance to address cyber threats is needed.
“We strongly agree with the GAO recommendations for the Department of Education, working with DHS’s Cybersecurity and Infrastructure Security Agency (CISA), to update the Education Facilities subsector-specific plan and determine if subsector-specific guidance is needed, and we are glad to see that the Department of Education concurred with the recommendation,” the Senators added (PDF).
“An updated subsector-specific plan will help the Department of Education and DHS effectively prioritize the risks, cyber and otherwise, to the Education Facilities subsector, while subsector-specific guidance would help K-12 schools better use existing cybersecurity frameworks and implement best practices.”
The two agencies were also urged to establish a coordination council for education facilities to encourage better coordination between federal, state, local entities, and private sector groups that support K-12 schools.
According to the Senators, this would further strengthen their protection against cyberattacks, just as it happened in the case of the Election Infrastructure subsector.
New bill sets ransomware attack response rules for US financial orgs
US Senate Passes Bill in Response to Rampant Ransomware, CyberAttacks
U.S. offers $10 million reward for leaders of REvil ransomware
US targets DarkSide ransomware and its rebrands with $10 million reward
FBI: Ransomware gangs hit several tribal-owned casinos in the last year
Not a member yet? Register Now
New Microsoft emergency updates fix Windows Server auth issues
High severity BIOS flaws affect numerous Intel processors
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.


You May Also Like

Mozilla fixes critical bug in cross-platform cryptography library

FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangsEwDoor botnet targets…

Western Digital warns customers to update their My Cloud devices

TellYouThePass ransomware revived in Linux, Windows Log4j attacksCredit card info of 1.8…

These are the top-level domains threat actors like the most

AMD fixes dozens of Windows 10 graphics driver security bugsVoid Balaur hackers-for-hire…

Attackers can get root by crashing Ubuntu’s AccountsService

Attackers can get root by crashing Ubuntu’s AccountsServiceAttackers can get root by…