Pedagogical Phishing: Understanding The Morton School District Cyber Attack

by

February 20, 2017

The recent Morton School District hack is a reminder that everyone is at risk from cyber attacks, and provides valuable insight into how to bolster security.

School Hackers

As computer systems become embedded in every aspect of our lives, no one is safe from cyber attacks. Public schools are particularly vulnerable, as they store sensitive data on their students and employees but often lack the training and equipment to adequately defend it. A recent attack against the Morton School District in Illinois demonstrates just how widespread the risk is. It also serves as an example of what school districts should and should not do to prevent and respond to attacks, potentially helping other schools to keep themselves safe in the future:

Analyzing The Attack

On 31 January 2017, Russian hackers used a phishing scam to gain access to sensitive data from the Morton School District in Tazewell County, Illinois. The hackers sent an email claiming to be from Lindsey Hall, the district’s superintendent, requesting information for W2 forms. A staff member responded to the email by sending out the names, social security numbers, and salary information for 400 of the district’s employees. When the employee received another email from that address requesting more information, she became suspicious and contacted the police. Investigators determined that the email had not come from the superintendent, tracing it to Russian servers instead.

Because the district acted quickly, the potential damage from this attack is low. Although the hackers learned the social security numbers of 400 employees, they did not receive their birth dates or addresses, limiting what they can do with those figures. Authorities provided the employees who were affected by tracking applications they could use to analyze unusual activity that involved their social security numbers. Nonetheless, the fact that Russian hackers successfully stole information from an Illinois school district is unsettling, prompting concerns that other schools may be at risk.

Proactive Prevention

In many ways, the Morton School District is a model for how to respond to cyber attacks. The staff quickly identified suspicious activity, contacted the authorities, and took the necessary steps to keep themselves safe. Ideally, however, school districts should never have to respond to the attack in the first place. Districts should maintain the risk of hacking to a minimum by:

  • Educating Employees– Districts should train their staff on proper cybersecurity measures, notably by teaching them how to recognize and avoid common scams.
  • Assessing Access– Social Security Numbers and other sensitive information should not be available to any employee. Districts should control who has access to such data, thereby minimizing the number of staff who could fall victim.
  • Reinforcing With Redundancy– In addition to stealing information, hackers can also prevent institutions from accessing their data and systems. Schools should have redundant systems and data storage to minimize the risk from such an attack.
  • Security Steps– School districts must institute and regularly update security software, strong passwords, and physical protection for their hardware.

Integris offers schools, businesses, and all other Baltimore, Washington, DC And Across Maryland institutions with valuable cybersecurity support. For more information on keeping yourself safe, contact [email protected] or (888) 330-8808 today.

Used by permission

We're Integris. We're always working to empower people through technology.

Keep reading

Strong Cybersecurity Postures: How to Unleash their Power

Strong Cybersecurity Postures: How to Unleash their Power

In the vast digital landscape where virtual dragons and sneaky trolls roam a strong cybersecurity posture has never been more important. Imagine a band of modern-day knights led by our protagonist, Alex. Armed with a trusty laptop and a cup of coffee, Alex navigates...

How to Spot a Phishing Attack in 2023

How to Spot a Phishing Attack in 2023

In 2023 cyber threats lurk behind every tree trunk in today's digital jungle, and cybersecurity awareness is more critical than ever. Among the craftiest of these threats are phishing attacks. Phishing attacks are cunningly engineered with social manipulation at their...