Jump to content
  • FBI warns of Vice Society ransomware attacks on school districts

    alf9872000

    • 293 views
    • 3 minutes
     Share


    • 293 views
    • 3 minutes

    FBI, CISA, and MS-ISAC warned today of U.S. school districts being increasingly targeted by the Vice Society ransomware group, with more attacks expected after the start of the new school year.

     

    "The FBI, CISA, and the MS-ISAC have recently observed Vice Society actors disproportionately targeting the education sector with ransomware attacks," today's joint advisory reads.

     

    They also "anticipate attacks may increase as the 2022/2023 school year begins and criminal ransomware groups perceive opportunities for successful attacks."

     

    The joint advisory also provides network defenders with Vice Society indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) observed by the FBI in attacks as recently as September 2022.

     

    "The FBI, CISA, and the MS-ISAC encourage organizations to implement the recommendations in the Mitigations section of this CSA to reduce the likelihood and impact of ransomware incidents," the advisory adds.

     

    Attacks on the education sector, mainly targeting kindergarten through K-12 institutions, have a massive impact on their operations, ranging from restricted access to networks and data, delayed exams, and canceled school days to the theft of personal information belonging to students and school staff.

     

    One such attack was disclosed today by Los Angeles Unified (LAUSD), the second largest school district in the U.S., after a ransomware attack took down some of its Information Technology (IT) systems over the weekend—LAUSD hasn't yet attributed the attack to a specific ransomware gang.

    Victims asked to share attack details with the FBI

    Network defenders are advised to take measures to defend against and limit the impact of ransomware attacks, including prioritizing and remediating known exploited vulnerabilities, training their users to recognize and report phishing attempts commonly used as initial attack vectors, and enabling and enforcing multifactor authentication.

     

    The FBI also asked victims to share logs and other information linked to the attacks.

     

    "The FBI is seeking any information that can be shared, to include boundary logs showing communication to and from foreign IP addresses, a sample ransom note, communications with Vice Society actors, Bitcoin wallet information, decryptor files, and/or a benign sample of an encrypted file," the federal law enforcement agency said.

     

    Vice Society is a threat group known for deploying multiple ransomware strains on their victims' networks, such as Hello Kitty/Five Hands and Zeppelin ransomware.

     

    They also steal sensitive data from compromised systems before encryption and later use it for double-extortion, threatening their victims to leak the stolen data if their ransom demand isn't paid.

     

    One of the group's recent victims is the Austrian Medical University of Innsbruck which was forced to reset all 3,400 students' and 2,200 employees' account passwords after severe IT service disruption and data stolen in the attack being leaked on the gang's data leak site.

     

    Source: Bleeping Computer

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...