Protecting Our School District from Cyber-attacks: A few Lessons from the Dallas Ransomware Incident

Dallas Ransomware

Last week’s recent ransomware attack on the city of Dallas, which has seen lingering ill effects into this week, serves as yet another reminder for us to remain ever vigilant and educated about the dangers of cyber threats, including call-back phishing attacks. Incidents can have severe consequences, affecting the daily operations and sensitive information of organizations impacted. In this blog post, we’ll recap the Dallas ransomware attack, discuss how it happened, and outline what you can do to protect our school district from similar threats.

The Dallas Ransomware Attack:

The city of Dallas was recently targeted in a ransomware attack that impacted its IT services and police communications, causing significant disruptions. The attackers used a technique called call-back phishing, which allowed them to infiltrate the city’s systems and deploy ransomware. You can read a detailed summary of the incident in this article from BleepingComputer: https://www.bleepingcomputer.com/news/security/city-of-dallas-hit-by-royal-ransomware-attack-impacting-it-services/

What is Call-Back Phishing?

Call-back phishing is a type of social engineering attack in which cybercriminals impersonate legitimate organizations or authority figures, often through emails instructing recipients to call a phone number. In the Dallas incident, the attackers sent emails impersonating food delivery and software providers, pretending to be subscription renewals. These emails contained phone numbers that connected the victims to a service hired by the Royal threat actors. When victims called the number, the threat actors used social engineering to convince them to install remote access software, allowing the attackers access to the city’s network.

How Can We Protect Ourselves?
To protect our school district from similar cyber-attacks, it’s essential for all staff members to be aware of call-back phishing techniques and take the necessary precautions. Here are some tips to help you stay safe:

  • Remain cautious when it comes to your emails and phone calls: Always be skeptical of unexpected or unsolicited emails and phone calls, especially those that ask for sensitive information or urge you to take immediate action.
  • Verify information: If an email or phone call seems suspicious, contact the person or organization directly using known contact information, not the information provided by the sender or caller. This is crucial for ensuring that you are communicating with a legitimate representative and not disclosing information to potential scammers.
  • Don’t follow instructions blindly: If an email instructs you to call a phone number, make sure to verify the legitimacy of the number before calling. If you’re unsure, reach out to the company or individual using previously known contact information to confirm the request.
  • Be wary of installing software: Do not install remote access software or any other applications at the request of a caller unless you have verified their identity and confirmed the legitimacy of the request. When in doubt, don’t.
  • Use strong, unique passwords: Create strong passwords for all your accounts, and avoid reusing the same password across different platforms services.
  • Keep software updated: Our school district uses SentinelOne as our endpoint detection and response solution, which is remotely managed and updated by the IT department. This helps ensure that your district devices are protected against known security vulnerabilities. While this helps mitigate against bad actors, it’s also critical to keep software up to date on both district and personal devices.
  • Report suspicious activity: If you encounter a potential call-back phishing attempt or believe your account has been compromised, report it immediately. If you ever feel that you have mistakenly disclosed private information or granted unauthorized access, please submit a service request. Remember, the sooner we address the mistake, the safer both staff and student information will be. Please don’t worry about being chastised for a mistake (we all make missteps); our priority is the safety and security of our digital environment including student and staff data.

Thanks for continuing to stay informed and vigilant!

SORA news

Two noteworthy Sora news items.

  1. SORA SWEET READS RETURNS! Summer reading, oh my!  OverDrive’s annual reading program, Sora Sweet Reads, is designed for schools to encourage students to keep reading all year long. This collection of free and simultaneous use juvenile and young adult ebooks (and select audiobooks) will be available to participating schools and prominently displayed in Sora so it’s easy for students to find their next sweet read. On May 15th all school partners who have opted in (and we have) will receive a sweet new curation on their Sora Explore page full of 57 new titles for all ages K-12. The collection this year boasts 34 juvenile titles, 10 young adult titles and 13 general adult-level titles. The collection will be live for 10 weeks from May 15 through Aug. 28 and all titles are simultaneous-use. This means students will all have access immediately and at the same time. Ready to check out the titles? Head over to the Sora Sweet Reads website to view the titles before they go live in our Wayne County shared collection on May 15 and to download some resources as well.                                                                                                              Sora Elementary ReadsSora Sweet ReadsSora Reads HS
  2. The Sora app’s multilingual interface now is available in two additional languages, Korean and Portuguese (Brazilian) with more languages being added. The Sora interface already includes Chinese (Simplified), Chinese (Traditional), French, German, Italian, Japanese, Russian, Spanish and Swedish language options. As a reminder, students can update Sora’s display language from the welcome screen or from Language settings in the app’s main menu.                                Sora language changes

When students update their language settings, Sora’s ebook reader, audiobook player, and app interface automatically display in the selected language. Sora will remember your language settings across sessions.

Please note: Changing Sora’s display language does not change the language of the books your students can borrow. If you’re interested in specific language content to support these new interface languages or others? Looking for books to support your native speakers and language learners alike? Check out the languages and learning tile on the Resource Center, where you can find recommended reading lists for ebooks and audiobooks in these languages – and more!

——————–

The online Sora app was designed around the modern student reading experience. This app, developed and curated by Overdrive, empowers students to discover and enjoy ebooks and audiobooks, for both leisure and class-assigned reading. ALL STUDENTS in all of our district’s schools AND ALL STAFF can log into our Sora page using their Google Accounts at http://links.pccsk12.com/sora and begin checking out ebooks!

Once logged in, students and staff are able to “borrow” ebooks and audiobooks from a selection of thousands of titles available in their school, district and/or Wayne county library collections. Check out this 2 minute video for how to access the app via the Google apps launcher (aka waffle) as well as how to add a library collection (only need to do that once per year).

P-CCS Voicemail Changes Coming Next Week

Voicemail changes coming

Next week your District voicemail will start syncing with your Gmail inbox. This means that actions taken in one of these systems will affect the other.

 

Voicemail/Gmail Functionality PRIOR to May 1, 2023

When a voicemail is left in a staff member’s District voicemail mailbox, that staff member receives an email notification with a copy of that voicemail. Actions taken, such as listening to or deleting the voicemail, in our voicemail system do not impact the email notification in Gmail. Actions taken in Gmail also do not impact our voicemail system.

 

Voicemail/Gmail Functionality AS OF May 1, 2023

When voicemails are left, staff will be emailed a notification in their Inbox AND actions they take on that message will affect the message stored in the District voicemail system (and vice versa).

 

ON THE GMAIL SIDE

By default the message in the Gmail account will have the VoiceMessages label applied (see image below).

The email notification will look similar to the notification shown below. Hovering over the attachment will allow you to download or save it to Google Drive. Clicking on it will allow you to listen to the voicemail message.

Like other email messages, voicemail notifications will be marked as unread when they are received. However, unlike other email messages, voicemail notifications are subject to the aging policies associated with the District’s voicemail system. The 3 points below describe what happens to unread, read, and deleted voicemail notifications in Gmail and the District’s voicemail system.

  • If a voicemail notification is opened OR left unread for 40 days, the email will be marked as read and the corresponding voicemail in the District’s voicemail system will be marked as Saved.
  • If a voicemail notification is deleted OR left as read for 60 days, the email will be moved to Trash and the corresponding voicemail in the District’s voicemail system will be marked as Deleted.
  • Deleted messages will be permanently deleted from Gmail AND the District’s voicemail system after 5 days. 

 

ON THE PHONE SIDE

Similarly, actions taken in the District’s voicemail system will impact voicemail notifications in Gmail.

  • If a voicemail message is listened to OR left ignored for 40 days, it will be marked as Saved and the corresponding email notification will be marked as read in Gmail.
  • If a Saved voicemail message is deleted OR left ignored for 60 days, it will be marked as Deleted and the corresponding email notification will be moved to Trash in Gmail.
  • Deleted messages will be permanently deleted from the District’s voicemail system AND Gmail after 5 days.

 

Keeping Voicemail Messages Beyond the Defined Aging Policy

While most voicemail messages only need to be kept for a short period of time, there are some voicemails that might need to be kept for longer periods of time. To keep a voicemail message beyond the District voicemail system’s aging policy, it is recommended that you download it from Gmail to your computer. It is also possible to save the voicemail message to Drive or to forward the email to yourself.

 

REMINDER: Voicemail Message Quotas Still Apply 

As a reminder, your voicemail mailbox has a quota for the total amount of storage it can use. Mailbox quota warnings will be emailed out should your mailbox approach or reach its limit. Please note that once your mailbox has reached its limit, you will no longer be able to receive new voicemail messages.

 

The ‘Why’ for Voicemail Aging Policy and Storage Quotas

The District’s voicemail system has an aging policy and storage quotas for voicemail messages due to the total storage limit for District voicemails. While it is possible to increase the District’s total voicemail storage (up to a point), doing so would incur additional ongoing costs to the District.

Questions or Issues

If you have any questions or issues related to your District voicemail, please submit a service ticket.

Finish out the year strong with IXL!

IXL news

IXL’s latest newsletter shares the following:

As you begin looking forward to summer, IXL has prepared resources to ensure your teachers can make the most out of their instructional time and students and parents can seamlessly continue their IXL practice over the summer. Here are a few resources you can use to ensure seamless summer learning:

  • The Summer Learning Hub is your go-to resource for everything summer related! Encourage students to use IXL all summer long with parent guides, fun games, and printable activities!
  • Summer skill plans: Build a strong foundation for the fall with our ready-made summer skill plans, perfect for teaching summer school or empowering independent learning over the break.
  • Live webinars: Our free 30-minute webinars will discuss best practices for mitigating learning loss and maximizing student progress this summer.
  • IXL blog: Did you know the IXL blog features tips written by education experts? Read up on the latest strategies for implementing IXL over the summer submitted by IXL Ambassadors.

Don’t fall for spoofed emails

Spoofed emails explained

Over the last ten days there has been a rash of spoofed emails sent to various staff that at first glance appeared to come from a building administrator. Between the message’s sense of urgency and how close the sender’s purported address was to the admin’s actual address, more than a dozen staffers were lulled into replying.

This is a reminder to look closely at an email or text, especially if it is asking for personal information like your cell phone or asking you to purchase something.

If anything about the address or reply info looks “off” just ignore the email or click the More menu and click report spam or phishing.  In all cases, don’t reply back to such an email –INSTEAD contact the colleague you believe contacted you via a KNOWN working method such as their district email address or phone number.

We all need to stay vigilant and keep our guard up, because unfortunately the scammers are out there and are trying to catch us with our defenses down.

Fell for their plea?

  • If you provide your cell phone number, block any inbound number(s) they use should they reach out to you via cell call/text asking for help.
  • If you purchased a gift card and shared it with the spoofer (one of the typical asks), check out this blog post for steps to take in the aftermath of being scammed including reporting the matter to both local law enforcement and the gift card issuer (links are on the page).
  • Let the tech department know via service ticket so we can put a block on the offending sending email address

BrainPop’s spring blog posts

BrainPop Blog

Below are four blog posts that BrainPop called out recently.

As any parent knows, young children are hardwired to be curious about the world around them. That means asking questions—a lot of them. Experts say that children ask an average of 40,000 questions between the ages of two and five. A typical 4-year-old might ask as many as 300 questions a day! As children get older, the questions start to wane, leaving teachers with the challenge of trying to reignite that spark of curiosity.

NWEA Monthly Newsletter

NWEA newsletter

Below are some highlights from NWEA’s latest newsletter.

75 digital tools and apps teachers can use to support formative assessment in the classroom

How consistent learning supports help math students succeed

What Daniel Pink can teach principals about timing . Good timing can help leaders succeed. In When: The Scientific Secrets of Perfect Timing, Daniel Pink shares research and advice on timing.

GUIDE
4 ways to challenge students through personalization
Personalizing instruction takes commitment and planning, but the potential rewards are worth it. There are proven practices that can streamline the process while still generating remarkable results.

ARTICLE
Charting a course: 3 ways assessment empowers students
Providing students with a clear view of where they stand is key to building a strong teacher-student partnership. Reliable assessment data they can use to plan next steps together is a good place to start.

GUIDE
Get ahead of the curve: How data can improve teaching and learning
To gain insights into student learning and enhance the classroom experience, teachers are turning to the rich data produced by assessments.

REMC news and updates for April 2023

The Regional Educational Media Center Association (REMC) of Michigan promotes the transformative use of technology and provides Michigan schools with access to educational resources to help teachers increase student success. Two highlights from their April newsletter are shown below.

Podcasting

Meet up with others on the educational podcasting journey

REMC now offers resources, courses and workshops for edu-podcasting. Designed with classroom teachers, students, administrators and support staff in mind, our goal is to help anyone advance in their podcasting journey and to capitalize on best practices.

During the month of May, we are holding three separate online Mastermind Meetings. Sessions will be: May 9th, 16th and the 23rd.  READ MORE

REMC calendar

Plan ahead with the REMC Professional Learning Annual Calendar

If you are looking to enhance your technology integration skills, explore new instructional delivery methods or learn tips and tricks from Michigan educational practitioners – The REMC Association has something for you!  To help with your professional learning planning, we are excited to share our REMC Course schedule through June 2024.

Take a look at all course offerings and register today! Earn 10 FREE SCECHs upon completion. Simply visit www.remc.org/remc-all-events/.

Highlights from the March Google for Education newsletter

Google March Edu newsletter

Check out Google for Edu’s latest monthly newsletter HERE. Some highlights are noted below.

Celebrate Women’s History Month with Applied Digital Skills
Looking for lessons to celebrate Women’s History Month with your students? Our Celebrate Women’s History Collection helps students learn about the contributions of women to the world while building new digital skills.

Celebrate Women’s History Month with Google Arts & Culture
From the forgotten pioneers to the iconic trailblazers, celebrate women in arts and culture with the newly updated Women in Culture hub on Google Arts & Culture.

Explore AI on Digital Learning Day with Applied Digital Skills
Celebrate Digital Learning Day with our Discover AI in Daily Life lesson. Students can learn about artificial intelligence concepts using Quick, Draw!, AutoDraw, Google Translate (while you cannot use translate.google.com as the lessons show, you can use the embedded Google translate access within the search engine and forvo for pronunciation), and Google Slides.

Learn about the Maasai people from Tanzania and Kenya
Get a glimpse into the traditions and culture of the Maasai community in East Africa, from their livelihoods to architecture, craftsmanship and language, in the new dedicated hub on Google Arts & Culture.

Explore Korea’s Demilitarized Zone through its History, Nature, and Art
Learn about the history of Korea’s Demilitarized Zone (DMZ), a strip of land running across the Korean peninsula. Explore the natural beauties of the DMZ border and contemporary art inspired by the area.

Arts & Culture: Hot Spot Climate Change
27 international artists share their views on climate change in the exhibition Hot Spot, hosted by the National Gallery in Rome. Showcasing big ideas and questions on the future of the planet’s climate, you can explore and be inspired.

 

PAST ISSUES of the EDU Newsletter – click HERE