MIAMI – Moroccan hackers infiltrated the computer networks of several Florida school systems to post ISIS images and probe potential access to state and local voting systems.
United Data Technologies, a Florida cybersecurity company investigating the hacks, told the Miami Herald the hackers sent an emailed image to school staff about two months before the November election that, once clicked, gave them access to school computer systems.
At least four school districts were targeted by the hackers. When they gained access, the cyber vandals turned off the system’s data logger and looked for ways to collect social security numbers and other data on students, as well as connections to local or state government voting sites, according to the news site.
It took until December, after a photo of someone dressed up as an ISIS fighter showed up on two different school websites in the Miami-Dade school district, that school districts contacted UDT about the malware.
Paul Smith, Miami-Dade’s data security director, alleged the Moroccan hackers never gained access to private student data or state or local voting systems, and downplayed the breech as an “attempted hack.”
“I would say if anything it was an attempted hack,” Smith told the Herald. “But it was raised up to law enforcement and we did go through all the systems.”
Network World noted that the hackers bragged about working to break into state “Diebold” voting systems through the school computer networks, though the claims came in December, well after the election.
“That is a very common tactic,” Michael Kaiser, executive director of the National Cyber Security Alliance, told the Herald. “A school district network almost likely is attached to other networks in the town or city or even the state, depending on how the network is set up.”
UDT eventually tracked the hacks to a group called MoRo in Morocco, and revealed that they infiltrated at least four Florida school districts to fish for student data and connections to other government systems. The group also targeted a Florida city network with the same malware hack, though the Miami-Dade school district was the only one identified by UDT.
The Miami Herald points out it’s not the first time that hackers have targeted school computer systems.
New Jersey’s Swedsboro-Woolwich School District computer system was attacked in 2015. In that case, hackers froze the computer system and prevented students in the district’s four elementary schools from taking online tests. The hackers demanded 500 bitcoins – online currency worth about $128,000 – to return control to district officials, who refused to pay and opted instead to rebuild the district’s computer system, FedScoop reported at the time.
Students and school employees in numerous school districts have also faced criminal charges for stealing data or attempting to change grades.
Nationwide, the Verizon 2017 Data Breach Investigations Report identified at least 450 “security incidents” involving school computer systems last year, the Herald reports.
UDT Chief Information Security Officer told the news site the increasing cyber attacks should convince school officials to take the issue seriously and act to protect valuable student information before it’s too late.
“Sometimes I just scratch my head and think, ‘Are these people asking the right questions or do they just not want to know? Is it safer not to know?’” he said. “I think for me we’re messing with kids’ information. Little Johnny, by the time he finds out his credit is ruined, it’s too late.”