Vice Society’s continued operations against educational institutes pose a serious threat to the sector. The Okanagan College, Scheppers instituut Wetteren, and NPTC Group of Colleges are the latest names added to the list of institutes targeted by the hacker collective.
While the Okanagan College website remained inaccessible at the time of writing, a notice was released by the NPTC Group of Colleges acknowledging the cyber incident.
Although the classes were not impacted, the notice alerted students about suspicious emails from unknown sources. It read, “Do not open attachments or links unless you are certain of the origin of email or text.” Finding such messages especially after alerting about an incident can cause stress to students and parents, not to mention causing uncertainty about every communication one receives.
This alarming rate at which educational institutions are being targeted has impacted regular classes and even exams in some instances.
The college was allegedly threatened with data leak warnings with a deadline of 3 days. The group claimed to have over 850 GB of data including login, passwords, internal network maps of the organization, SQL databases, photos of passports, and social security numbers. They even had lawsuits, and credit card numbers.
A recent report by the Internet Crime Complaint Center (IC3) detailed how hackers are making money selling US academic credentials on the dark web and public forums.
The stolen student data can get manipulated in a number of ways including sending phishing emails to launch a malware attack. The data that could not be exfiltrated during the ransomware news attack can be stolen via such malicious campaigns targeting victims of previous cyberattacks.
In response to an email sent to DataBreaches, a Vice Society member said: “We don’t care about laws. Any attacked company is glory or money. They can choose what to give us.” DataBreaches asked Vice Society for a statement about the MASD cyberattack and the group replied.
They were asked about the response to their ransom demands and if they are impacted by laws against ransom payment.
Mars Area School District (MASD) is a public school that disclosed a ransomware attack on September 27, 2022.
As a result of the rising cyberattacks on schools, researchers are urging authorities to create a response plan, train their workers, use firewalls, and lock their former employees out to avoid being victimized because of human errors.