US school districts warned about Vice Society ransomware attacks

September 13, 2022

A joint advisory from the FBI, CISA, and MS-ISAC warns US school districts about an increase in observed cyberattacks by the Vice Society ransomware gang. With the new school year approaching, federal authorities expect these ransomware attacks to increase.

The advisory also gives network defenders indicators of compromise (IOCs) from Vice Society attacks and the tactics, techniques, and procedures (TTPs) observed in the group's malicious campaigns as recently as this month.

The authorities encouraged entities, especially US school districts, to apply the recommended mitigations to reduce ransomware incidents.

The attacks detected against US school districts have disrupted numerous institutions' operations, causing delays to students' exams, cancelled school schedules, and constrained access to networks and data.

In worst-case scenarios, the victimised US school districts have also suffered from data theft, compromising the personal information and safety of school staff and students.

Authorities stress that network defenders should upgrade the measures securing the servers of companies and organisations, which could also lessen the impact of ransomware attacks. The instructions include immediately remediating detected vulnerabilities, training users to recognise and report phishing incidents, and strengthening passwords alongside activating multi-factor authentication (MFA).

The Vice Society ransomware group is notorious for deploying numerous ransomware variants once it has gained access to a victim's network. Two examples of these variants are Zeppelin and Hello Kitty ransomware.

This threat group is also known for executing double-extortion campaigns, in which it steals victims' data before encrypting it. Like other ransomware groups, Vice Society threatens to leak victims' data online or sell it on the dark web if they refuse to pay the ransom demand.

Ransomware attacks on the education sector have long been considered a dangerous threat. In 2021, about a thousand colleges, schools, and universities suffered ransomware attacks that disrupted many students’ education.
