Dozens of New Zealand schools hacked, access put up for online sale

Oceanía/Nueva Zelanda/14 de Julio de 2016/Autores: Emily Murphy And Pat Pilcher/Fuente: Stuff

RESUMEN: Decenas de escuelas de Nueva Zelanda han tenido sus servidores hackeados y el acceso a ellos acondicionados para la venta en línea. Hasta 36 escuelas tenían sus servidores comprometidos la semana pasada, de acuerdo con N4L, una compañía de educación de TI de propiedad del gobierno. Los directores de escuela dijeron que sus redes a menudo contenían información confidencial, como datos de contacto, registros de asistencia y calificaciones de los alumnos. En Auckland fueron atacados 11 escuelas. Había cuatro en Wellington, y tres en Otago y Southland. Cinco escuelas fueron atacadas Waikato, cuatro eran de la Bahía de Hawkes, y otros cuatro estaban en la región de Taranaki. El jefe de operaciones N4L Jeremy Nees no podía decir cómo se produjo el ataque. «No hemos realizado análisis forense detallados en los servidores afectados, sin embargo, es muy probable que la vulnerabilidad era una combinación de contraseñas débiles y permitir que los intentos de registro repetidas veces»
Dozens of New Zealand schools have had their servers hacked and access to them put up for sale online.
Up to 36 schools had their servers compromised last week, according to N4L, an education IT company owned by the government.
School principals said their networks often contained sensitive information such as contact details, attendance records, and pupils’ grades.
In Auckland 11 schools were targeted. There were four in Wellington, and three in Otago and Southland.
Five Waikato schools were attacked, four were from the Hawkes Bay, and another four were in the Taranaki region.
Two were in Northland, one in Marlborough, one in Canterbury and another in the Bay of Plenty.
N4L chief operating officer Jeremy Nees could not say how the attack happened.
«We have not performed detailed forensics on the affected servers, however, it is most likely the vulnerability was a combination of weak passwords and allowing repeated log-in attempts.»
70 domain names for servers at 36 schools were included on a global list of 70,000.
Access to the compromised servers was put up for sale on an underground online marketplace, Nees said.
It’s unclear whether any sales took place.
According to software security company Kapersky Labs, the server access was sold by a Russian hacking group.
Ministry of Education head of sector enablement and support Steve Stuart said the motivation for the attacks remained unknown.
He said there were a «range of reasons» hackers targeted servers, including «sending spam or for pure financial gain.»
The marketplace has been closed down, but Nees expected the «attempts to compromise or infect computers would continue.»
The Ministry of Education advised schools to check whether their servers had been compromised.
Stuart said the ministry was in regular contact with the 36 schools to provide «advice and support about how they can remedy the situation.»
NetSafe executive director Martin Cocker said schools did not always have the right level of protection in place.
They were often squeezed between «the reality of their budget and the complexity of the networks they run», he said.
Complex decisions around the security of networks was often in the hands of educators, rather than qualified experts, he said.
The rapid uptake of technology in schools, including bring-your-own-device [BYOD] schemes made school networks increasingly complicated, with hundreds of pupils’ devices on one network.
«I really think we’re getting to the time where schools would appreciate a solution provided for them in terms of system management, and security management.»
Schools manage their own cyber security, using money from their operational grant to fund protection.
They have access to a government funded network for support, but some prefer to use external companies.
Linewize Founder Scott Noakes said his company provided support for over 200 schools in New Zealand.
The most common problem was that schools weren’t separating BYOD traffic from their internal servers, he said.
The devices students bought to school sometimes had malware installed, and could make a school’s network more vulnerable to attacks, he said.
Noakes said some schools had strong networks, while some were at the «opposite end of the spectrum.»
Lincoln primary school principal Viv Butcher said her school’s system was «robust», but it came at a cost.
The school’s deputy principal and another teacher managed the network, but Butcher said both were «highly skilled.»
Cashmere High School principal Mark Wilson said an external company managed his school’s network.
The school planned to spend around $400,000 on ICT this year, which included the cost of salaries for two expert technicians.
Foto: Scott Noakes, CEO of Linewize said schools sometimes make themselves vulnerable to hackers.

Fuente: http://www.stuff.co.nz/the-press/news/82112042/dozens-of-new-zealand-schools-hacked-access-put-up-for-online-sale