Pandemic Brings Rise in Cyberattacks Across the Globe

(TNS) — A cyberattack last week put a halt to classes in the Sandwich Public Schools in Massachusetts, but the district isn't alone in what is becoming a growing threat.

The district was one of many institutions, municipalities and individuals that have been upended by cyberattacks during the past several months, a problem that has affected the Cape and other regions around the globe.

As the pandemic ramped up in the Northeast from the end of February through late March, COVID-19-related phishing attacks increased 667%, cybersecurity company Barracuda found. That spike led the FBI to warn of pandemic-related phishing attacks and fake emails purporting to be from the Centers for Disease Control and Prevention.

"It's everywhere," said Janek Chrzanowski, chief technical officer for OpenCape Corp. "It's not particular to a region or a country."

But the review site Safety.com said last month that Massachusetts ranked 10th among states in terms of the financial impact of cybercrime. The site said it used data from the 2019 FBI Internet Crime Report and found that Massachusetts residents lost almost $84.2 million to cybercriminals last year, and that the average loss of $12,966 per victim was fourth highest in the nation.

The disruption to internet service in the Sandwich schools was identified as a distributed denial of service, or DDoS, attack, a malicious attempt to disrupt traffic on a server, service or network by overwhelming the target with a flood of internet traffic.

The Sandwich district uses the OpenCape Network, a nonprofit fiber-optic provider in Southeastern Massachusetts that provides high-capacity and high-quality internet access.

"This is not the first time we had it," OpenCape CEO  Steven Johnston  said about cyberattacks. He noted that other customers they have on the Cape have also experienced similar attacks.

OpenCape services the majority of school systems on the Cape, along with many town municipalities, and also services local hospitals, Chrzanowski said.

A chain of different issues including a firewall failure led up to the DDoS attack in the Sandwich schools, said Bryce Harper, the district's director of technology.

The firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

As of now, the school district is not experiencing any issues caused by the attack, Harper said. He is still unsure as to who or why the attack happened, but said the school district is actively working with the Sandwich Police Department to try and get to the root of what caused it.

Inside the school district, Harper said he is working to build a more resilient system to avoid future cyberattacks.

"I am hoping we are out of the woods," Harper said. "We are making sure we are prepared for that moving forward."

Johnston, who has four children in the Sandwich Public Schools, said he has been following the problem closely. The firewall failure created what he called "a perfect storm".

When the school district noticed a large amount of traffic coming to them from different places such as China, India and Russia, Chrzanowski said OpenCape was notified of the problem. OpenCape put in a filter on the internet routers in an attempt to prevent outside users, he said.

"It's kind of like a cat and mouse game," he said. "[Filtering out unwanted users] is still a challenge because it is always reactive."

The filter allowed students and staff in the district to continue to access Google Classroom while limiting people from outside the district from entering, Chrzanowski said.

But the reason behind why one computer network or another is targeted remains mostly mysterious, he said.

"Sometimes it's not necessarily about gaining information, it's just being disruptive," Chrzanowski said. "I wish I had the answer. I don't know."

For hackers who try to make a living by exploiting cybersecurity vulnerabilities, it's business as usual. They're still out there and they're taking advantage of the pandemic to inflict greater damage, according to Stephanie Helm, a former U.S. Navy captain who serves as director of the MassCyberCenter at the Massachusetts Technology Collaborative.

"Some things have not changed and those things are the hackers strive to lure people into clicking on a link of some sort that would allow them to download malware," she told the State House News Service. "So that was even happening when you were in the office traditionally. When you were at your desk, there would be a phishing attempt to try to get you to click on a link so they could get past your firewall. So those hackers are still out there and that part has not changed."

Helm said hackers are capitalizing on the fear around COVID-19 and the uncertainty over the path the pandemic might take to make their phishing campaigns even more successful.

"It's sort of like they smell uncertainty in the air and they're taking advantage of it," Helm said.

OpenCape is looking at different vendors who can provide better protection from attacks, not only for schools but for every customer, he said.

"I think this is just going to keep on growing, so we are going to have to look at this more and more," Chrzanowski said. "As much as I want to wash our hands from it, we can't."

(c)2020 Cape Cod Times, Hyannis, Mass. Distributed by Tribune Content Agency, LLC.