Sunday, 17 July 2016

On 04:37 by admin   No comments
Dozens of New Zealand schools have had their servers hacked and access to them put up for sale online.

Up to 36 schools had their servers compromised last week, according to N4L, an education IT company owned by the government.

School principals said their networks often contained sensitive information such as contact details, attendance records, and pupils' grades.

In Auckland 11 schools were targeted. There were four in Wellington, and three in Otago and Southland.

​Five Waikato schools were attacked, four were from the Hawkes Bay, and another four were in the Taranaki region.

Two were in Northland, one in Marlborough, one in Canterbury and another in the Bay of Plenty.

N4L chief operating officer Jeremy Nees could not say how the attack happened.

"We have not performed detailed forensics on the affected servers, however, it is most likely the vulnerability was a combination of weak passwords and allowing repeated log-in attempts."

70 domain names for servers at 36 schools were included on a global list of 70,000.

Access to the compromised servers was put up for sale on an underground online marketplace, Nees said.

Ad Feedback

It's unclear whether any sales took place.

According to software security company Kapersky Labs, the server access was sold by a Russian hacking group.

Ministry of Education head of sector enablement and support Steve Stuart said the motivation for the attacks remained unknown.

He said there were a "range of reasons" hackers targeted servers, including "sending spam or for pure financial gain."

The marketplace has been closed down, but Nees expected the "attempts to compromise or infect computers would continue."

The Ministry of Education advised schools to check whether their servers had been compromised.

Stuart said the ministry was in regular contact with the 36 schools to provide "advice and support about how they can remedy the situation."

NetSafe executive director Martin Cocker said schools did not always have the right level of protection in place.

They were often squeezed between "the reality of their budget and the complexity of the networks they run", he said.

Complex decisions around the security of networks was often in the hands of educators, rather than qualified experts, he said.

The rapid uptake of technology in schools, including bring-your-own-device [BYOD] schemes made school networks increasingly complicated, with hundreds of pupils' devices on one network.

"I really think we're getting to the time where schools would appreciate a solution provided for them in terms of system management, and security management."

Schools manage their own cyber security, using money from their operational grant to fund protection.

They have access to a government funded network for support, but some prefer to use external companies.

Linewize Founder Scott Noakes said his company provided support for over 200 schools in New Zealand.

The most common problem was that schools weren't separating BYOD traffic from their internal servers, he said.

The devices students bought to school sometimes had malware installed, and could make a school's network more vulnerable to attacks, he said.

Noakes said some schools had strong networks, while some were at the "opposite end of the spectrum."

Lincoln primary school principal Viv Butcher said her school's system was "robust", but it came at a cost.

The school's deputy principal and another teacher managed the network, but Butcher said both were "highly skilled."

Cashmere High School principal Mark Wilson said an external company managed his school's network.

The school planned to spend around $400,000 on ICT this year, which included the cost of salaries for two expert technicians.


Post a comment