The FBI has warned of Increase in PYSA Ransomware Targeting Education Institutions. The increase has occurred in 12 US States and the United Kingdom. PYSA, otherwise known as Mespinoza, is a malware capable of exfiltrating data and encrypting users’ critical files and data stored on their systems.

Experts Comments

March 18, 2021
Jorge Orchilles
CTO
SCYTHE

Ransomware threat actors continue to evolve to ensure they receive payment. We have seen "double extortion" being used across various sectors, not just education. Threat actors exfiltrate data and post a sample to extort and push the victim for payment in addition to the traditional ransom of encrypting their data.

March 18, 2021
Saryu Nayyar
CEO
Gurucul

For malicious actors, the education sector is a prime target. IT budgets are often limited and cybersecurity resources are stretched thin. The victims can be naive to cyber threats, which makes them easy targets for social engineering and phishing attacks.

 

With the rise of Cybercrime-as-a-Service, including ransomware and hybrid attacks that extract data for extortion before encrypting it, it's no wonder they are going after easier targets like schools, seminaries, and colleges.

 

User

.....Read More

For malicious actors, the education sector is a prime target. IT budgets are often limited and cybersecurity resources are stretched thin. The victims can be naive to cyber threats, which makes them easy targets for social engineering and phishing attacks.

 

With the rise of Cybercrime-as-a-Service, including ransomware and hybrid attacks that extract data for extortion before encrypting it, it's no wonder they are going after easier targets like schools, seminaries, and colleges.

 

User education to reduce the change of becoming a victim is the first line of defense, as it almost always is when users are involved.  But educational organizations need to take it further. They need to review their cybersecurity posture and update it to face complex threats as budget and resources allow.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.