SUBJECT: Activity Alert - Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data - TLP: WHITE

On December 10, 2020, a joint alert (AA20-345A) co-authored by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) was released that provides details of malicious cyber actors targeting K12 educational institutions leading to ransomware attacks, the theft of data, and the disruption of distance learning services. Information contained within this alert include technical details of the threats reported and observed, known additional risks and vulnerabilities, and proposed mitigations to these threats and vulnerabilities.

The full alert can be found on the US-CERT web site at the following URL:

https://us-cert.cisa.gov/ncas/alerts/aa20-345a

24x7 Security Operations Center
Multi-State Information Sharing and Analysis Center (MS-ISAC)
Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)
31 Tech Valley Drive
East Greenbush, NY 12061
SOC@cisecurity.org - 1-866-787-4722