FBI warns K12 schools of ransomware attacks via RDP

This warning is not just for schools. A quick shodan search shows over 11 thousand accessible RDP endpoints, can you find your address?…:

[…] The FBI cited stats from antivirus company Emsisoft about the increase in attacks targeting K12 schools, saying that 1,233 were potentially targeted in 2019, with another 422 schools targeted in Q1 2020 alone. According to the K12 Cyber Incident Map, there were 867 known cyber-security incidents disclosed by US K12 schools since 2016, but only a fraction of those were ransomware.

In particular, the FBI warns about attacks involving the Ryuk ransomware, which the bureau said it observed in an increased number of attacks since September 2019, exploiting RDP endpoints as its initial point of entry.


Original Article