{"id":3309,"date":"2021-03-16T15:32:57","date_gmt":"2021-03-16T19:32:57","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=3309"},"modified":"2021-03-16T15:34:06","modified_gmt":"2021-03-16T19:34:06","slug":"fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/","title":{"rendered":"FBI Warns of Increase of PYSA Ransomware Targeting Educational Institutions"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-2994\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg\" alt=\"FBI Warns of Increase of PYSA Ransomware Targeting Educational Institutions\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod-300x150.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod-768x384.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod-540x270.jpg 540w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod-162x81.jpg 162w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The Federal Bureau of Investigation (FBI) Cyber Division <\/span><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fbi-warns-of-escalating-pysa-ransomware-attacks-on-education-orgs\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">recently released<\/span><\/a><span style=\"font-weight: 400\"> a warning to cybersecurity professionals in the U.S. According to the warning, they detected increased PYSA ransomware activity specifically targeting educational institutions. While singling out educational organizations, the FBI notes the PYSA ransomware surge is also targeting governmental organizations, private enterprises, and the healthcare sector.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The PYSA ransomware family uses reconnaissance and manual uploading the payloads to infect victim systems, with phishing attacks planting the initial malware. As always, the FBI recommends not paying the ransom on any ransomware attack as it promotes more cyber-threats in the future. Instead, they ask that infected organizations report ransomware attacks to the FBI immediately.\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">We spoke with several prominent <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener\">cybersecurity<\/a> experts to glean more about this new ransomware family and the implications of its surge.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\"><br \/>Widget not in any sidebars<br \/><\/span><\/p>\n<h2 style=\"text-align: justify\"><b>Expert Commentary: PYSA Ransomware\u00a0<\/b><\/h2>\n<h3 style=\"text-align: justify\"><b>Bryan Embrey<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Bryan Embrey is Director of Product Marketing of <\/span><\/i><a href=\"https:\/\/zentrysecurity.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Zentry Security<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.\u00a0<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">&#8220;While it is surprising that attackers are now targeting seminaries, leveraging RDP as an attack vector is not. RDP has certain weaknesses that can be mitigated and addressed by deploying zero trust technologies such as single sign-on (SSO) and multi-factor authentication (MFA). SSO offers ways for organizations to provide strong password usage as well as reducing the chance of credential theft, while MFA ensures that only authenticated users get access to sensitive applications and resources. Most notably, RDP has been vulnerable to BlueKeep, a vulnerability identified \u2013 and patched \u2013 in 2019. Organizations, including seminaries, should check to ensure their systems are patched.&#8221;<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>James Carder<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">James Carder is Chief Security Officer at <\/span><\/i><a href=\"https:\/\/logrhythm.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">LogRhythm<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cEducational institutions are big targets for hackers as thousands of people\u2019s sensitive information is potentially involved, and the substantial shift towards e-learning has made them even more appealing to hackers and ransomware. These attacks on schools can bring education to a halt while potentially exposing every student and teacher\u2019s personal data within the organization. Parents are also targets and may be coerced into paying ransom for personal information or school assignments if the information falls into bad actors\u2019 hands.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">This FBI warning is an important reminder that educational institutions need to take a proactive approach and invest in cybersecurity solutions that detect malicious behavior and enable network infrastructure to block any further access attempts. Institutions should patch aggressively, create backups, prepare a response plan, and prioritize educational training to ensure they are equipped to handle attacks and proceed without disruption.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Mark Bagley<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Mark Bagley is VP of Product of <\/span><\/i><a href=\"https:\/\/attackiq.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">AttackIQ<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.\u00a0<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">&#8220;Student data, like all personally-identifiable information, is an attractive target for ransomware groups, and the recent FBI advisory serves as a reminder that adversaries are continuing to take advantage of the global pandemic by targeting virtual learning environments.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Educational institutions that have adopted a threat-informed defense will be at a significant advantage compared to peers who have not done so. Understanding common adversary tactics, techniques, and procedures as outlined by the MITRE ATT&amp;CK framework creates the foundation for a more resilient security program and makes it possible to continuously evaluate the state of their defenses when paired with automation.<\/span><\/p>\n<div class=\"hr hr\"><\/div>\n<p>Thanks to these experts for their time and expertise. For more, please consult our <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener\">SIEM Buyer&#8217;s Guide<\/a>.<\/p>\n<p><span style=\"font-weight: 400\"><br \/>Widget not in any sidebars<br \/><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Federal Bureau of Investigation (FBI) Cyber Division recently released a warning to cybersecurity professionals in the U.S. According to the warning, they detected increased PYSA ransomware activity specifically targeting educational institutions. While singling out educational organizations, the FBI notes the PYSA ransomware surge is also targeting governmental organizations, private enterprises, and the healthcare sector.\u00a0 [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":2994,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[1130,353,95,431,112,86,36,1529,1528,276,21,57,22,1487],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>FBI Warns of Increase of PYSA Ransomware Targeting Education Orgs.<\/title>\n<meta name=\"description\" content=\"The FBI recently released a warning concerning a surge in PYSA ransomware attacking educational institutions and other organizations.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FBI Warns of Increase of PYSA Ransomware Targeting Education Orgs.\" \/>\n<meta property=\"og:description\" content=\"The FBI recently released a warning concerning a surge in PYSA ransomware attacking educational institutions and other organizations.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/\" \/>\n<meta property=\"og:site_name\" content=\"SIEM Tools &amp; Security Event Management | Solutions Review\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-16T19:32:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-03-16T19:34:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/\",\"name\":\"FBI Warns of Increase of PYSA Ransomware Targeting Education Orgs.\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg\",\"datePublished\":\"2021-03-16T19:32:57+00:00\",\"dateModified\":\"2021-03-16T19:34:06+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"The FBI recently released a warning concerning a surge in PYSA ransomware attacking educational institutions and other organizations.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg\",\"width\":800,\"height\":400,\"caption\":\"GetHealth Platform Misconfiguration Exposes 61 Million Fitness-Tracking Records\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"FBI Warns of Increase of PYSA Ransomware Targeting Educational Institutions\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"SIEM Tools &amp; Security Event Management | Solutions Review\",\"description\":\"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"FBI Warns of Increase of PYSA Ransomware Targeting Education Orgs.","description":"The FBI recently released a warning concerning a surge in PYSA ransomware attacking educational institutions and other organizations.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/","og_locale":"en_US","og_type":"article","og_title":"FBI Warns of Increase of PYSA Ransomware Targeting Education Orgs.","og_description":"The FBI recently released a warning concerning a surge in PYSA ransomware attacking educational institutions and other organizations.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/","og_site_name":"SIEM Tools &amp; Security Event Management | Solutions Review","article_published_time":"2021-03-16T19:32:57+00:00","article_modified_time":"2021-03-16T19:34:06+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/","name":"FBI Warns of Increase of PYSA Ransomware Targeting Education Orgs.","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg","datePublished":"2021-03-16T19:32:57+00:00","dateModified":"2021-03-16T19:34:06+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"The FBI recently released a warning concerning a surge in PYSA ransomware attacking educational institutions and other organizations.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/04\/ransomware-4-mod.jpg","width":800,"height":400,"caption":"GetHealth Platform Misconfiguration Exposes 61 Million Fitness-Tracking Records"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/fbi-warns-of-increase-of-pysa-ransomware-targeting-educational-institutions\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"FBI Warns of Increase of PYSA Ransomware Targeting Educational Institutions"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"SIEM Tools &amp; Security Event Management | Solutions Review","description":"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3309"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=3309"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3309\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/2994"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=3309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=3309"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=3309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}