At a glance.
- Two US universities added to Cl0p's target list.
- The dangers of using public Wi-Fi.
- Iowa school district says thousands impacted in data breach.
Two US universities added to Cl0p’s target list.
Russia-linked ransomware group Cl0p has been busy targeting US institutions lately, and two more of its victims surfaced over the holiday weekend. KMOV reports that the University of Missouri disclosed their investigation of a possible cyberattack that might have compromised university data, and Cl0p has already taken credit for the attack. As well, the prolific threat group has also claimed responsibility for the recent attack on the University System of Georgia. As WSB-TV notes, the attacks have been linked to recently discovered vulnerabilities in software company Progress’s popular MOVEit file transfer software, which is used by a plethora of clients worldwide.
The dangers of using public Wi-Fi.
It’s World Wi-Fi Day, but experts say any planned celebrations should come with a hefty dose of caution. A recent study published by Forbes Magazine states that 35% of North Americans access public Wi-Fi networks three to four times a day, and as a result 40% of them have suffered from data compromise. The Manila Times offers some tips for securing private data while using public wireless services. Never connect to an unknown network, as cybercriminals will often create fake networks that mimic those of legitimate businesses. Limit browsing to only secure internet pages, and be wary of any suspicious emails or messages. And of course, common sense measures like strong password hygiene, multifactor authentication, and regular system updates are essential security steps.
Iowa school district says thousands impacted in data breach.
Des Moines Public Schools (DMPS), the largest school district in the US state of Iowa, released a statement yesterday announcing it will be notifying nearly 6,700 individuals this week that their personal data were possibly exposed in a data security incident that occurred last January. “While the investigation is ongoing, it has now been determined that some data was exposed during the attack. However, there is currently no evidence of financial fraud or identity theft associated with the data breach,” the announcement reads. Bleeping Computer adds that although DMPS received a ransom demand from an unnamed ransomware group, the district is following the advice of cybersecurity experts and will not be paying the ransom. The attack forced the district to take its network services offline and cancel classes for several days. DMPS was not the only Iowa district to be targeted by attackers recently, as Cedar Rapids Community School District, the Davenport Community School District, and the Linn-Mar Community School District were all hit last year.
(Added, 9:15 PM, ET, June 20th, 2023. Stephen Gates, Principal Security SME at Horizon3.ai, finds the length of time it took to notify those who might have been affected excessive. “Waiting for over 5 months to notify individuals that their data might have been exposed will not win you a 'rapid response contest' anytime soon. We as an industry must do better in alerting those potentially impacted so they can take some sort of defensive action sooner rather than later," Gates wrote. He also offered some thoughts on why schools are attractive targets: they're soft targets. “School systems are often easy pickings for attackers. Their IT staff, who are usually responsible for security, tend to be overworked and underpaid, and the security technologies at their fingertips are not always the best or the latest. I suggest a different approach that allows schools systems of any size to affordably find, fix, and verify truly exploitable vulnerabilities using autonomous, repetitive, penetration tests that expose the greatest risks so they can be immediately remediated with guidance anyone could follow. Maybe it's time to rethink the way we're securing our greatest assets - our nation's children and their families.”)