Cyber Actors Target K-12 Distance Learning

Posted on December 15, 2020January 6, 2022

AAFCPAs would like to make education clients aware that the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have assessed that malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance learning services. Cyber bad-actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year and beyond.

The disruption attempts include ransomware, malware, distributed denial-of-service attacks, video conference disruptions, social engineering, technology vulnerabilities and student data, open/exposed ports, and end-of-life software to name a few.

These issues will be particularly challenging for K-12 schools that face resource limitations; therefore, educational leadership, information technology personnel, and security personnel will need to balance the risks when determining their cybersecurity investments.

To report suspicious or criminal activity, contact your local FBI field office at www.fbi.gov/contact-us/field. When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment used for the activity; the name of the submitting organization; and a designated point of contact.

To request incident response resources or technical assistance related to these threats, contact CISA at Central@nullcisa.gov.

Cyber threats are continuously evolving, with new structures and schemes emerging daily. AAFCPAs’ Business & IT Consulting practice advises clients on improving their IT security posture with recommendations that are right-sized and tailored to be appropriate given each client’s resources and specific IT infrastructure requirements.

If you have any questions, please contact James Jumes, MBA, M.Ed. at 774.512.4062, jjumes@nullaafcpa.com; Vassilis Kontoglis at 774.512.4069, vkontoglis@nullaafcpa.com; or your AAFCPAs Partner.

About the Authors

James Jumes, MBA, M.Ed.

James joined AAFCPAs in 2013 to lead the Business Consulting Services practice. He has more than 25 years of experience working with information technology systems and diverse business operational processes. James is highly experienced in IT controls and assurance, SOX 404, and Service Organization Control (SOC) reports: SOC 1 (SSAE 18), SOC 2, SOC 2+ and 3 attestation reporting. James developed a unique methodology to delivering SOC reporting services, and he is an AICPA-approved Peer Review SOC Specialist, assisting peer review teams to review SOC 1, 2, 2+ and 3 engagements. He is a HITRUST Certified Common Security Framework (CSF) Practitioner, providing HITRUST CSF self-assessment consulting, or SOC 2 + HITRUST for assessing against the evolving compliance landscape shaped by HITECH, HIPAA, CMS and various other federal, state and business requirements.

Vassilis Kontoglis

Vassilis is a senior member of AAFCPAs' Business Process & IT Advisory practice with proven expertise in cyber security and IT risk assessments, data analytics and data visualization, and robotic process automation. He also has extensive expertise assessing IT general controls, and conducting System and Organization Control (SOC) attestations. He helps clients increase business process efficiency, effectiveness, and risk management.