The Russian invasion of Ukraine increases the risk of wiper malware spilling over to the US and our education infrastructure. You may remember NotPetya, which caused billions of dollars of downtime damage. The Wall Street Journal (WSJ) reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine.

WSJ Reports

The WSJ said: “The wiper malware—this version is being called HermeticWiper by researchers—could mark an escalation in cyberattacks against various Ukrainian targets, security experts said. Websites of government agencies and banks were disrupted on Wednesday, and on Thursday, that of the Kyiv Post, an English-language newspaper.”

“On Wednesday, Slovakia-based cyber firm ESET said it also detected the wiper strain on hundreds of machines in Ukraine, adding that timestamps indicated the malware had been created nearly two months ago in preparation for deployment.”

The WSJ noted that “On Thursday morning, CISA Director Jen Easterly tweeted a Wired magazine article on the 2017 NotPetya hack, which emanated from a Ukrainian accounting firm and caused billions in lost sales and other damage to businesses including FedEx Corp. and Merck & Co. Inc.”

“While there are no specific threats to the U.S. at this time, all organizations (including school districts) must be prepared for cyberattacks, whether targeted or not,” Ms. Easterly wrote.

Recommendations

So, Tech Reformers strongly recommends to:

• Make sure your backups work and test your restore function, not for just files but whole servers
• Patch all known vulnerabilities and test the patches
• Deploy strong MFA to as many employees as possible (some MFA can be easily circumvented).
• Step all employees through at least a 15-minute security awareness training module to keep them on their toes with security top of mind.

Also, warn your staff: cybercriminals will start new, devious charity campaigns that claim to help people in Ukraine. Be prepared for the wiper malware.

Cybercrime has become an arms race where cybercriminals constantly evolve their attacks. You, the vigilant school district IT pro, must diligently expand your knowledge to prevent intrusions. This includes protecting the district network and your cloud (your SaaS and Infrastructure providers). Staying a step ahead may even involve becoming your own cybersecurity investigator. Learn to forensically examine actual phishing emails. Determine the who, the where, and the how to adjust your defenses.

In an on-demand webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, hosts. He shows you how to become a digital investigator to fight cybercrime.

You will learn:

• How to forensically examine phishing emails and identify other types of social engineering
• What forensic tools and techniques you can use right now
• How to investigate rogue smishing, vishing, and social media phishes
• How to enable your users to spot suspicious emails sent to your organization

Register for an on-demand webinar sponsored by Tech Reformers. No waiting. So, get inside the mind of the cybercriminal. Learn their techniques, and how to spot phishing attempts and improve district cybersecurity.