Unmanaged Devices Heighten Risks for School Networks

  /     /     /  
Publicated : 23/11/2024   Category : security


Unmanaged Devices Heighten Risks for School Networks


Gaming consoles, Wi-Fi Pineapples, and building management systems are among many devices Armis says it discovered on K–12 school networks.



A ransomware attack that knocked the Baltimore County Public Schools (BCPS) system offline for several days last week focused attention on the heightened threat activity directed at school networks since the pandemic forced a mass shift to distance learning this year.
A new report from Armis this week suggests that many schools may be making it easier for threat actors to execute such attacks by allowing numerous devices to connect to their network in an insecure and unmanaged fashion.
Armis report is based on recent engagements with multiple K–12 school districts around the country. In many instances, the vendor found a larger-than-expected and more-varied collection of unmanaged devices connected to the school networks.
One Arizona K–12 school district, for instance, had at least 47 videogame consoles, five Wi-Fi Pineapple devices — often used by pentesting teams — and three rogue access points on its network. Armis discovered many of the consoles were exposing the school districts network to the gaming community. The devices belonged to both students and faculty and presented a major risk because theyre relatively easily exploitable if the Universal Plug and Play protocol is enabled on the gaming console, says Curtis Simpson, CISO at Armis.
The Wi-Fi Pineapples and other devices on the network similarly exposed the school district to a wide variety of external threats.
In another school district,
Armis discovered
as many as 239 connected building automation systems that all had a set of vulnerabilities, collectively referred to as URGENT/11, in them. The remotely exploitable vulnerabilities, which
Armis discovered last year
, exist in millions of devices running VxWorks and several other real-time operating systems. According to Armis, the school districts security team wasnt aware of the vulnerabilities and the fact that it had so many exploitable devices on its network.
Simpson says its likely that such building automation system devices were present on school networks before the pandemic began. But the fact that many are left unmonitored presents a risk, especially with the heightened attention that attackers ae paying to school networks. Attackers will often look to exploit such services or devices within this type of environment, knowing that they are rarely monitored in such a manner that would allow the school system or any other target to identify the compromise, Simpson notes. One school district in Florida had multiple smartphones serving as point-of-sale devices on its network.
Simpson says the biggest difference between school networks before the pandemic began and now is the sheer number of devices that are connected to them. In many cases, personal devices — versus those issued by the school system — are also being used to access school system networks and services, Simpson says. These devices are not being managed by the school system and are often missing standard controls — such as modern antivirus — to safeguard against such attacks.
Attacks on school networks such as the one on
BCPS
last week have surged since the pandemic forced a shift to remote learning at many school districts around the country this year. According to
Microsoft
, some 63% of the malware attacks that it encountered over the past 30 days have involved devices at educational institutions. A report in April by
Armor
showed schools and colleges being targeted much more heavily in cyberattacks this year compared with organizations in any other sector.
Security researchers have pointed to several reasons for the surge in attacker interest in school networks. Among them is the fact that school networks remain relatively easy to break into compared with other networks. In a distance-learning environment, attackers have also discovered that schools are likely to more readily accede to ransomware demands that organizations in other sectors.

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Unmanaged Devices Heighten Risks for School Networks