Online attack disrupts Michigan school district for second day


The K-12 education sector is a target for ransomware gangs

Mihir Bagwe (MihirBagwe) •
September 21, 2022

The South Redford School District website as seen on September 21, 2022

A Michigan school district has suspended operations for a second day as a forensics team investigates an online attack that put the personal information of students at four elementary schools and three middle and high schools at risk.

The more than 3,000 students in the South Redford School District in suburban Detroit were cautioned against using district-issued devices.

The investigation into the attack should “limit access to and exposure to our networked technology and systems,” the school district said.

Jaylen Green, high school student Told the local television station WJBK the district sent a notification on smartphones. “He said don’t go on your Chromebooks, don’t do anything on your phone that’s school related, like the websites we use for homework, Google Slides, stuff like that,” he said. Green.

A relative saw the good side of the incident. “I just told her she can’t use her Chromebook today, so we’re cleaning up instead!” said Sheantez Kimling Mackey of her child, to the television channel WXYZ.

The incident follows a series of recent ransomware attacks against school districts, including the one on California’s largest public school systemwhose data has been put up for sale on the dark web months before the attack.

The FBI, the Cybersecurity and Infrastructure Security Agency, and the Multi-State Information Sharing and Analysis Center earlier this month warned school districts that cybercriminals are increasingly targeting the education sector with ransomware. K-12 districts are considered “particularly lucrative targets due to the amount of sensitive student data,” federal officials warned.

Emsisoft analyst Brett Callow, who tracks online attacks against the education sector, told Information Security Media Group that the back-to-school period of late summer and early fall is a particularly active time for ransomware in the education sector. School districts have “proved to be profitable targets,” he says. “Ransomware gangs are very predictable. If attacks on an industry have a good return on investment, that industry will be attacked again and again,” Callow told ISMG.

Congressional watchdog, the Government Accountability Office last October warned that the Department of Education has not updated cybersecurity guidelines for the K-12 sector since 2010, making the sector less likely to access federal support to help protect against attacks in line.


Comments are closed.