Ransomware tactics morphed — and schools took a drubbing
Despite a brief decline in the number of reported attacks after the pandemic began, many attacks have persisted, with ransomware groups devising new ways to breach systems and new techniques for coercing payments. The group known as DoppelPaymer started threatening to post stolen files online, realizing that in many cases a breach of privacy could be more damaging to public-sector organizations than merely the loss of their data. Ransom amounts began hitting new records, such as when the University of California, San Francisco paid its ransomers $1.14 million in June. Education institutions have been hit hard, with one cybersecurity analyst noting that K-12 districts are an especially “easy target” for ransomware attacks. As incidents have continued into the fall, members of Congress have started urging the Cybersecurity and Infrastructure Security Agency to do more to assist public schools.