%20-%20Itza%20White.jpg?width=50&height=50&name=IMG_2309%20(1)%20-%20Itza%20White.jpg)
In today’s digital landscape, cyber threats continue to be a growing concern for educators and administrators alike. As schools continue to increase their dependence on technology, there has never been a more mission-critical moment to ensure your students and staff are protected against ransomware and malware attacks.
Our Cybersecurity expert Itza White curates a quarterly newsletter with concise analysis of recent cybersecurity incidents, a spotlight on the top three critical vulnerabilities affecting K-12 schools, and more. You can subscribe to that newsletter here.
Below is a section of our most recent newsletter:
IN THE NEWS: LockBit Black Ransomware Bot Sprays “Millions of Messages”
( Full Article: Botnet Sent Millions of Emails in Lockbit Black Ransomware Campaign)
But what does that mean?
Simple and high-volume phishing email campaigns use straightforward emails sent in large numbers to bypass security measures like spam filters. The emails are not aimed at any particular sector, making them a broad threat. Despite their simplicity, these phishing emails have been effective in evading detection.
Let’s break it down:
What is LockBit Black?
- This is a type of ransomware that, once downloaded and executed on a user's system, steals data, encrypts files, and terminates essential services, rendering the system unusable.
What is Phorpiex Botnet?
- A longstanding botnet that amplifies the scale of threat campaigns. When combined with LockBit Black, it increases the chances of successful ransomware attacks.
What do these messages look like:
The message in the article above were from a fictitious “Jenny Green” and carried the email address of “jenny@gsd.com” carrying the subject “Your document” and holding a zip file “Document.zip”. The copy read:
“Hello you can find your document attachment.
Please reply as soon as possible.
Kind regards, GSD Support.”
Actionable Steps for K-12 Schools -- Enhance Email Security
Implement Advanced Spam Filters
- Use advanced spam filtering solutions that can detect and block phishing emails before they reach users' inboxes.
Enable Email Authentication Protocols
- Set up DMARC, DKIM, and SPF to verify the legitimacy of incoming emails.
Subscribe to the newsletter ⤵️
