The Education sector is an open and easy target for cyber attacks.
Andy Jenkinson
CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. NAMED AN EXPERT IN INTERNET ASSET & DNS VULNERABILITIES
The Castle School Education Trust (CSET) has been subject to a ‘highly sophisticated’ Ransomware attack, which has left 23 schools within the trust without access to any IT system.
A number of primary schools and secondary schools come under the trust including Marlwood and Mangotsfield secondary schools as well as Charfield, Severn Beach and Lyde Green primary schools and Downend School. Why are these schools seemingly being targeted? Well the truth is they are not. They are being attacked because of one thing and one thing only, and that is because they are demonstrating that their security is totally inadequate and therefore they are an open and easy target to breach.
The above screen shot confirms that Castle School Education Trust are in a woeful, totally exposed, vulnerable and exploitable insecure position. This is exactly what cyber criminals see and with just a little more work, they can discover exactly what vulnerabilities they can easily exploit and gain access. The first time anyone knew anything about this cyber attack, was when the systems failed and a Ransomware demand was made.
It doesn't stop there however, as CSET comes under the South Gloucestershire Council. Councillor Alison Evans was quoted as saying the attack was devastating and 16 servers had so far been replaced. We have written to Cllr Evans as the insecure issue is not just connected, but systemic.
So South Gloucestershire are in exactly the same insecure predicament as CSET and one has to wonder which came first and who actually enabled the breach in the first place. We know from extensive experience in both local councils and the education sector, security can certainly be greatly improved and this example confirms the typical inadequate and neglected security. But wait I hear you say, when you rang the council to alert them to their, and the CSET schools insecure positions, did they not kindly pass you to another company that looks after technology and security? Yes they did actually. A nice chap called Jason at Integra on IT Helpdesk couldn't help me and had heard of the event. He kindly provided the switchboard number for Integra that I left a message on because it went unanswered. It's clearly a wonderful service. I have subsequently had a call back from a lady called Amanda, who confirmed she couldn't help so connected me to another answering machine...
When we quickly checked Integra's security, the technology company that provides technology services to the schools and council, and I assume cover security, are unbelievably themselves totally exposed and vulnerable to exploits due to their own security Rating of F and 0... So to recap, the school, the council and the technical outsourced providers are all running F rated security and then have the audacity to call the cyber attacks 'highly sophisticated'...This is nothing short of a scandal.
Seriously people, if you are connected, be secure and maintain that security. We live in a digital world, you need digital and security experts, not excuses. The above shows systemic incompetence across the entire board an dis why cyber attacks are coming thick and fast.
You might now appreciate the first screen shot...
Two of the weakest links in the chain, people and the web-interface. https://breachaware.com/scan/domain/cset.co.uk
Cloud and IoT Architect | Chartered Engineer, AWS Security, IoT Solutions
3 年However, Dido Harding's breach at TalkTalk was the result of a known CVE in place for a lengthy period, from what I heard.