The Cybersecurity and Infrastructure Security Agency (CISA), FBI and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint advisory on cyber threats that target remote learning operations in the kindergarten through twelfth-grade category.
The joint cybersecurity advisory released Thursday states that there have been continued reports of ransomware attacks on K-12 institutions and students as of December 2020. FBI, CISA and MS-ISAC expect the attacks to continue through the 2020-2021 academic year.
Fifty-seven percent of MS-ISAC’s reported incidents represent K-12 schools in the August to September period, according to the advisory.
CISA, FBI and MS-ISAC noted that distributed denial-of-service attacks and video conference disruptions are among the cyber attacks reported over the past months. Identified risks and vulnerabilities include social engineering influence, open and exposed ports, student data breaches and end-of-life software.
The agencies also identified the most prevalent ransomware variants including AKO, Ryuk, Nefilim, Sodinokibi/REvil and Maze. The ZeuS and Shlayer malware variants were also common in impacted Microsoft Windows and Mac operating systems, respectively.
The interagency group recommends users to take steps such as software patching, multifactor authentication, network segmentation and regular password changes.