District continues investigation into cyber-attack

     The week of October 3rd, Grain Valley Schools experienced a cyber-attack, resulting in a disruption to certain district computer systems. In a brief statement, the district stated the investigation into the cause and impact continues. 

     "Grain Valley School District (GVSD) recently began experiencing technical difficulties, resulting in a disruption to certain computer systems. We are working diligently with third-party IT specialists to investigate the source of this disruption, confirm its impact on our systems, and restore full functionality to our systems as soon as possible. We appreciate your patience and understanding and apologize for any inconvenience."

     The district had been in the process of migrating to a new phone system when the cyberattack occurred. According to Dr. Amanda Allen, Assistant Superintendent, Student and Community Services, "until the investigation is complete, the migration is postponed. It will resume as soon as the cyber-attack is resolved."

     
     Burton Kelso, Chief Technology Expert with Integral, explains the majority of cyber-crime requires user interaction, which means if you take the time to educate yourself about the different cyber threats on the Internet, you can keep yourself and your business safe. Kelso outlines the threats individuals and business owners may encounter and how to protect yourself from them.
1. Accidental Sharing. This occurs when you or a friend accidentally shares sensitive information such as hitting 'reply all' to an email or when you use Carbon Copy (CC) to send out an email to a lot of connections rather than clicking on Blind Carbon Copy (BCC). 
How to Stay Safe: Don't be in such a rush when sending out emails and other information. When you fail to take the time to watch what information you're sharing, you're risking exposing sensitive information such as passwords to home and work accounts, company sensitive emails, and more.

2. PDF Scams. If you aren't familiar with what a PDF is, it stands for "Portable Document Format" and was developed by Adobe. These scams are on the rise because even though you will probably avoid clicking on a link on an email or downloading most attachments, you probably will attempt to open up a PDF file. Why? Well, if you see a PDF file as a file attachment, you will assume it's an important document and open it up.
How to Stay Safe: Beware of generic emails that show up in your inbox that come from unknown sources and have generic greetings. Also, if you get a PDF file unexpectantly, if possible, call the sender of the email to verify they were the ones who sent it.


3. Credential Stuffing. The act of credential stuffing means using the same username and password information to log into online accounts. This form of cyber-crime relies on people not changing their login credentials on a regular basis. Cybercriminals get on the dark web to look for username and password data dumps. Once they get this information, they use bots to automatically your information to attempt to log into common social media and email sites to get the personal data stored in these accounts. Once they get more information about you and where you visit on the internet, they will use this information to log into your financial accounts and even work accounts.
How to Stay Safe: It's important that you keep an eye on large-scale data breaches to verify your information hasn't been leaked as well as making sure you don't use the same usernames and passwords for your online accounts. Check to see if your information has been leaked at www.fightingidentitycrimes.com and at www.haveibeenpwned.com. Keep track of all of your pesky passwords by storing them in your favorite web browser or use a password management software program like LastPass (www.lastpass.com)

4. Vishing and SMShing. Vishing or voice call phishing has been around for a while (think tech support scam phone calls), but SMShing or SMS Text phishing has risen during the pandemic because people respond to text messages easier making it more likely that you'll fall for a scam. Both use a technique called "social engineering' which is designed to get you to react to a phone call or email rather than taking the time to think if it's a legit call or not. Samples of these types of attacks usually involve there is a problem with a personal or work account, problems with your computers and technology, or a subtle sales pitch to get you to purchase something you don't need.
How to Stay Safe: The best defense against voice phishing and SMS phishing is to ignore the message if you don't recognize who's calling or leaving a message. If you're a small business or home user, limit who you share your home or mobile phone number with. If you have to share a number with the public, create a 'free' phone number with Whatsapp (www.whatsapp.com) or Google Voice (www.google.com). If you have a lot of incoming spam calls coming in, sign up for the Do Not Call Registry at www.donotcall.gov. Check to see if your mobile carrier offers spam call and text protection. You should also consider download and using the RoboKiller app (www.robokiller.com).

5.Ransomware. Ransomware is probably one of the most devastating cyber threats on the web today. If your home or office computer is infected with ransomware, it could mean the files on your devices are lost forever. Ransomware encrypts or locks up the pictures and documents on your devices. Ransomware is so lethal, it will infect multiple devices that are connected together on your home or office network, including cloud storage services and external hard drives used for backup. You are only able to gain access to them if you pay the ransom criminals will put up.
How To Stay Safe: Ransomware normally shows up in the form of a phishing email, so think before you click on any link or attachment that shows up in your inbox. Set up an automatic backup system for all of your home and office devices. Services like Carbonite (www.carbonite.com) can keep your Windows and Macintosh safe in the cloud with automatic backup. For your smartphones and tablets, it's worth it to pay Apple and Google the extra money for storage to allow you to backup your information to their cloud services.

     In a world where the internet connects all your devices and allows you to work from home and communicate with your loved ones, staying on top of cyber threats has never been more important.