Tag Archive for: Unified

San Diego Unified School District target of cybersecurity breach


SAN DIEGO — The San Diego Unified School District is struggling through another cyber attack.

The latest security breach was announced after the district alerted the FBI and other local law enforcement agencies.

“It’s not a question of if, but when this is going to happen,” said Sai Huda, a cybersecurity expert and founder of Cyber Catch.

Schools are fast becoming a favorite target for hackers, because computer security experts say they are often a soft target. The attackers are after the data. They also want money so it’s a double bounty.

“What they want to do is affect ransomware and bring the school to a halt and demand payment,” Huda said.

The San Diego Unified School District declined to comment but released this statement:

“After learning of this incident, we acted swiftly to take steps to secure our network, to launch an investigation and to prevent any disruptions to (information technology) operations.”

The extent of the breach will take time to understand, but security experts say anyone affiliated with SDUSD should change their passwords and start monitoring their credit file closely.

Parents should also monitor their students' credit files, because hackers could try to open credit lines even before the student turns 18.

“If you go to college all of a sudden, you’ll discover your credit is ruined and you will be rejected from the loan. So, the impact is just devastating,” Huda said.

SDUSD is expected to have more information in the days to come.

‘Cybersecurity incident’ hits San Diego Unified computer network


The offices of San Diego Unified School District have experienced a computer-network security breach, SDUSD officials disclosed this week.

District Superintendent Lamont Jackson on Thursday sent a letter to his staff and families of students attending SDUSD campuses to apprise them of what he described as a “cybersecurity incident.”

“After learning of this incident, we acted swiftly to take steps to secure our network, to launch an investigation and to prevent any disruptions to (information technology) operations,” Jackson wrote. “We also notified law enforcement and engaged cybersecurity professionals to assist.”

Though SDUSD officials did not reveal if the breach may have resulted in the misappropriation of any sensitive data or involved any ransom demands, Jackson stated that all the district’s “critical systems continue to be operational, and the incident has not impacted the safety and emergency mechanisms in place at schools and offices.”

“Out of an abundance of caution, we have changed all passwords for staff, and we will continue the process to change passwords for student accounts as a measure to continue strengthening our IT system,” the superintendent asserted. “In the coming days, our school staff will work on providing new passwords for students on a schedule prepared by the district.”

SDUSD officials “will provide an additional update once our investigation is complete,” Jackson wrote.

“We want our students and the San Diego Unified community to know that we place a high value on maintaining the integrity and security of the data we hold in our systems and (that) we are working diligently to complete our investigation of the incident,” he stated.

Los Angeles Unified School District Hackers Demand Ransom


(TNS) — The hackers who targeted the Los Angeles Unified School District have made a ransom demand, officials confirmed Tuesday, an indication that the attackers have extracted sensitive data or believe they can bluff the district into thinking that they have.

“We can confirm that there was a demand made,” L.A. schools Supt. Alberto Carvalho said. “There has been no response to the demand.”

Carvalho declined to disclose the amount of the ransom demand or any further details about what information, if any, the attackers may be holding.


He said that there have been “no new security breaches” and that the school system is continuing “our ramping up of apps and systems.”

Officials said they are optimistic that Social Security numbers and other sensitive information of employees remain secure. But the outlook could be different related to student information, such as grades, course schedules, disciplinary records and disability status. The district does not collect Social Security numbers for students and parents.

Earlier Carvalho disclosed that the attackers extended their deadline for entering into negotiations without specifically mentioning a ransom amount. The district, Carvalho added, is following the advice of experts and law enforcement, which includes the FBI as well as the Los Angeles Police Department.

In a related development, federal officials on Friday announced a new major grant program to help public agencies better secure themselves from cyber attack.

The demand for money was widely anticipated in the wake of the cyber attack, which was discovered in progress on the night of Sept. 3, the Saturday of Labor Day weekend.

Hackers will typically threaten to post sensitive data online if they are not paid, but it can be difficult to determine what they’ve obtained, and they might be lying.

In general, such payments are a bad idea, said Clifford Neuman, director of USC’s Center for Computer Systems Security.

“It is important for any organization impacted by ransomware to understand that even if they pay a ransom demand, they will still incur significant IT expense and delays to repair the system,” Neuman said….

Unified API Protection for Telcos and Mobile Carriers – Time to Value


Largest Mobile Carrier Identified 4,600 APIs in Days, not Weeks, or Months

The security team at the nation’s largest mobile carrier had trouble obtaining a consistent and complete inventory of the company’s sprawling API footprint. Business-critical API-based applications were driving the carrier’s day-to-day business of managing its mobile network, but the number of APIs was quickly outstripping the team’s ability to keep track of them all.

Key Objectives: A Complete API Catalog

One of the security team’s 2021 objectives was to obtain a complete running inventory of all APIs within the organization so that they understood their entire API footprint. Across the organization, software groups supported API application development but worked independently of each other. The result was shadow APIs that were not cataloged and had no oversight from the security team. However, because so many teams were involved in API development, and in the absence of API protection solutions, cataloging both managed and unmanaged APIs was difficult, time-consuming, and inaccurate.

Scratching the Surface

When asked how many APIs they had, the security team replied that they had roughly 100 APIs that had been documented manually. They intuitively knew that they were only scratching the surface as there were (likely) hundreds if not thousands of APIs still unaccounted for and not within their existing API catalog.

API Sentinel Automates API Discovery

Cequence introduced API Sentinel to the security team and a proof of concept (PoC) was kicked off. By deploying API Sentinel, in just a matter of days, they were able to discover over 4,600 API endpoints that were active across their infrastructure – a 98% increase in API visibility and inventory over what the security team had just days prior to the introduction of Cequence. Moreover, they were able to obtain deep security insights that included the following:

  • 6 sensitive data exposure incidents where customer ID, account number and other related business-sensitive data were exposed.
  • 5 instances of user authentication issues where usernames and passwords were exposed in cleartext,…
