Coin miners target schools

About 72 per cent of all malware activity in education involved some form of coin miner or cryptocurrency miner.
Jun 22, 2021
Coin miners have a new favourite target.

Computers running slow or overheating, network sluggish? It could be that crypto miners have found their way into your school network.

Unfortunately, schools are a soft target for the tech savvy and increasingly crypto miners piggyback and make use of their computing power to win coins.

About 72 per cent of all malware activity in education involved some form of coin miner or cryptocurrency miner.

The presence of coin miners can also prove to threat actors there are vulnerabilities in systems, leading to further, more malicious exploitation.

Education is one of the industries most impacted by the COVID-19 pandemic, the sudden shift to remote has left the education industry even more vulnerable to cyberattacks.

Education was the fifth most targeted industry for cyberattack in 2020, garnering 6 per cent of all attacks, including ransomware attacks and cryptocurrency mining.

Some researchers report ransomware attacks on education grew by as much as 388 per cent between the third and fourth quarters in 2020. Some attacks specifically targeted schools returning online after their break to generate extra pressure to pay ransoms. For example, after a ransomware attack disrupted a California school district in September 2020, it had to cancel five days of remote learning for 6,000 elementary school students.

The University of California, San Francisco made a ‘difficult decision’ to pay a ransom of USD 1.14 million in June 2020 because ‘The data that was encrypted is important to some of the academic work we pursue as a university serving the public good.’

Alarmingly, the cybersecurity maturity level of education is lower than other critical infrastructure industries. According to Cybersecurity Advisory assessments, education’s measured maturity level is only 1.04 (on a 0–5.99 scale), whereas finance measured at 1.84 and technology at 1.64 points. Since K–12 schools tend to be less equipped with cybersecurity resources than universities, they are more vulnerable to hacks.

As remote desktop protocol (RDP) has become a popular tool in education during the pandemic, the US Federal Bureau of Investigation warned in June 2020 that ransomware attackers were increasingly targeting vulnerabilities in RDP. Also, it’s important to encrypt stored data, including students’ personal information, to protect it from information thefts or double-extortion ransomware attacks.

The cybersecurity community needs to offer support to education, providing industry-specific cyberthreat intelligence updates and cybersecurity best practices without using technical terminologies.

From an article by Mihoko Matsubara, CISSP, Chief Cybersecurity Strategist, NTT Ltd., Japan

Photo by Worldspectrum from Pexels