惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Project Zero
Project Zero
Martin Fowler
Martin Fowler
人人都是产品经理
人人都是产品经理
C
Check Point Blog
S
SegmentFault 最新的问题
腾讯CDC
IT之家
IT之家
Jina AI
Jina AI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
B
Blog RSS Feed
博客园 - Franky
V
Visual Studio Blog
The Register - Security
The Register - Security
GbyAI
GbyAI
博客园 - 【当耐特】
Hugging Face - Blog
Hugging Face - Blog
U
Unit 42
Google DeepMind News
Google DeepMind News
Microsoft Security Blog
Microsoft Security Blog
Y
Y Combinator Blog
云风的 BLOG
云风的 BLOG
博客园 - 三生石上(FineUI控件)
Schneier on Security
Schneier on Security
N
News and Events Feed by Topic
T
Troy Hunt's Blog
小众软件
小众软件
Scott Helme
Scott Helme
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
TaoSecurity Blog
TaoSecurity Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
C
CERT Recently Published Vulnerability Notes
aimingoo的专栏
aimingoo的专栏
T
The Exploit Database - CXSecurity.com
Know Your Adversary
Know Your Adversary
G
GRAHAM CLULEY
T
Tenable Blog
P
Palo Alto Networks Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
S
Schneier on Security
Simon Willison's Weblog
Simon Willison's Weblog
H
Help Net Security
WordPress大学
WordPress大学
The Cloudflare Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
MongoDB | Blog
MongoDB | Blog
Forbes - Security
Forbes - Security
H
Hackread – Cybersecurity News, Data Breaches, AI and More
W
WeLiveSecurity
I
InfoQ
P
Privacy International News Feed

Security

Scope Systems confirms cyber incident, says no data loss occurred Instructure breach: ShinyHunters says ‘matter has been resolved’ Rapid7 launches Cyber GRC program to connect compliance with live risk data Australian federal budget 2026: The industry perspective Op-Ed: Microsoft May Patch Tuesday reveals 137 vulnerabilities Federal Budget 2026: The state of cyber security spending for the coming year OpenAI offers EU early access to its cyber security model Exclusive: Aussie firm Earth Systems listed by INC Ransom hacking group Op-Ed: Why Middle East tensions demand immediate action on OT security Aussie schools breach: Instructure boss “reaches agreement” with ShinyHunters to not release data Institute of Public Accountants members hit by data breach Union demands answers on Qantas AI plans 1 in 3 small businesses don't think they're a cyber target, new research finds Exclusive: Aussie toy distributor listed by M3rx ransomware Exclusive: Australian Computer Society investigating possible breach after ShinyHunters hack claims The industry speaks – part 2: World Password Day 2026 Aussie schools breach: The Instructure hack “transcends an isolated IT incident” Exclusive: Aussie car part importer Strategic Imports allegedly breached by threat actors New South Wales, other states, investigating Instructure/Canvas data breach Australian Cyber Security Centre warns of ClickFix campaign leveraging Australian infrastructure Queensland Department of Education confirms students & staff impacted by ShinyHunters data breach ACMA takes action against SpinTel & Yomojo over mobile number fraud violations The Industry Speaks, Part 1: World Password Day 2026 Qualys and Converge tie cyber insurance pricing to real-time security posture Fakeout: Iranian APT caught hiding behind Chaos ransomware activity Exclusive: Australian energy management firm allegedly breached by SafePay Real estate giant Cushman & Wakefield confirms cyber incident, Qilin and ShinyHunters claim attack CrowdStrike expands Project QuiltWorks as more partners join AI security coalition Hacked: ALS discloses cyber incident, unauthorised access to IT systems Microsoft the main target of AI phishing attacks, report uncovers Attackers increasingly turning to trusted security tools to compromise Aussie victims Exclusive: Champion Homes confirms customer data compromised in “cyber event” Australia, Japan commit to partnership to meet cyber security challenges & strengthen cyber defences NSW Treasury cyber incident contained, impact no longer ‘significant’ WA rental scam surge: Tenants targeted with fake $500 discount trap Aussie Information Commissioner launches Privacy Awareness Week 2026 Unregistered branded text messages to be labelled ‘Unverified’ from 1 July Exclusive: Major Australian jewellery brand confirms cyber incident Watch this! Komari server monitor tool abused by hackers Act Now! ACSC warns of active exploitation of cPanel & WHM critical vulnerability Exclusive: Kiwi electrical contractor confirms cyber attack Exclusive: Prime Properties listed as breach victim by M3rx ransomware DigiCert launches AI Trust architecture to secure agents, models, and content Winners of the 2026 Australian Cyber Awards unveiled Op-Ed: Redefining performance in the AI-powered SOC NZ council cyber attack leads to ID and financial data being exposed Alert! Wave of fake toll, parking scams impacting countries worldwide, including Australia and New Zealand Vect unveiled: Inside an emerging ransomware group’s affiliate network Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims Aussie ice-cream franchise Gelatissimo suffers alleged hack by DragonForce Anthropic Mythos: The model, the myth and the mundane​ Report: Aussie small businesses doing it tough as job scams double, losses rise Cyber attacks on medical devices pose ‘significant’ impact on real-life patient care Twisted Firestarter! Aussie, US, and UK cyber agencies warn of Cisco malware campaign Generation Life informs customers of “cyber incident” as owner shares incident with ASX CBA launches new scam-finding AI agent Sri Lankan government hack sees $3.7m destined for Australia stolen CrowdStrike extends cloud threat detection to Google Cloud Hey big spender! Microsoft to invest $25bn in Australian AI infrastructure Genetec marks Sydney milestone with visit by high commissioner of Canada to Australia Rental platform under fire for collecting excessive personal data Exclusive: SA genealogical research firm confirms cyber incident following SafePay ransom claims PentenAmio announces acquisition of Armour Communications Exclusive: Aussie passports compromised in alleged Favelle Favco data breach Cutting edge: Anthropic’s Claude Mythos preview is a ‘double-edged sword’, expert says Treasury staffer charged for NSW government data breach Op-Ed: AI won’t patch the holes in your SOC Game on! More than a third of FIFA World Cup 2026 partners expose Aussies to email fraud risk Dark web markets: A complete Aussie identity costs as little as $200 Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group Mortgage fraud now harder to detect thanks to AI McGraw Hill confirms ShinyHunters breach, won’t confirm if any Aussie customers impacted Update now: Active exploitation of Nginx UI vulnerability CVE-2026-33032 underway National Defence Strategy 2026: Spending on military cyber capability to reach at least $15bn Exclusive: Qld pharmacy chain allegedly breached by Kairos ransomware Op-Ed: ASIO has broken its silence on cyber crime, and you should listen Too-hard basket: NIST to scale back CVE updates as vulnerabilities soar OpenAI launches GPT 5.4-Cyber in response to Anthropic Glasswing NZ racehorse auction stalled by cyber attack Op-Ed: Microsoft April Patch Tuesday reveals 167 vulnerabilities ADF joins international military exercise focused on cyber resilience and multi-domain operations OpenAI CEO’s home targeted in attempted drive-by just days after Molotov attack Exclusive: Aussie communications company Mastercom ‘aware’ of INC Ransom claims Booking.com confirms cyber incident, customer reservation data potentially compromised Report: Majority of CISOs not ready for the next big cyber attack Why Anthropic’s Project Glasswing matters, and what CISOs need to know WASTED! GTA developer Rockstar Games confirms hack as ShinyHunters demands ‘pay or leak’ Exclusive: Gunra ransomware lists Eric Davis Dental as breach victim Op-Ed: Why zero trust for OT should start at the boundary, not the boiler room Exclusive: NSW pharmacy management firm allegedly breached by INC Ransom US Treasury launches intelligence-sharing initiative with crypto companies Citigroup says AI speeds up new account openings Cyber war: Pro-Iranian hackers vow to fight on despite a fragile ceasefire with the US Exclusive: Victorian resort hotel allegedly breached by Space Bears ransomware Game on! Nationwide student competition aims to tackle Australia’s cyber skills gap Exclusive: Anubis ransomware gang claims hack of WA-based Shine Aviation Ransomware group claims hack of legal giant Jones Day Anthropic, partners announce Project Glasswing cyber security initiative Exclusive: Aussie tech firm Seeing Machines confirms potential cyber security incident Space Bears claims cyber attack on Sydney dental clinic
Why are cyber attacks on schools so devastating... And so easy to pull off?
David Hollingworth · 2026-06-26 · via Security

Schools hold a raft of personal data belonging to teachers and students alike, making them prime targets for cyber attacks and extortion. ThreatLocker’s Danny Jenkins explains how hackers are making the most of poorly protected school networks.

Why are cyber attacks on schools so devastating... And so easy to perform?

2026 has been a terrible year so far for cyber attacks on Australian schools.

In January, the Victorian government disclosed that every government school in the state was compromised by a cyber attack, and only a few months later, the Canvas breach impacted schools and student data around the country.

You’re out of free articles for this month

To continue reading the rest of this article, please log in.

More recently, teachers and students at Reynella East College in South Australia had their passports and other personal information published to the darkweb by unscrupulous ransomware operators.

And that’s just one six-month period. However, it proves that schools are juicy targets for hackers looking to make a quick buck at the expense of critical workers like teachers and helpless schoolchildren.

“Schools are attractive targets because they hold highly sensitive data on children. As we saw with the Canvas breach, threat actors believe that student data creates emotional and reputational pressure,” Danny Jenkins, CEO and co-founder of cyber security firm ThreatLocker, told Cyber Daily.

“It is not simply a list of adult customers or business contacts. School data often includes information about children, grades, family challenges, and learning support needs.”

According to Jenkins, if a threat actor can disrupt a school’s systems, it can easily put pressure on the victims to pay a ransom or face lengthy delays to regular classes.

“In the United States, ransomware attacks have forced districts to temporarily close schools,” Jenkins said.

“Another example is the 2022 attack on the Los Angeles Unified School District, where sensitive student records, including deeply personal psychological evaluations, were stolen and later released after the district refused to pay. Attackers likely believed the highly sensitive nature of that data would ensure their payment.”

While many of this year’s school breaches have been third-party driven, individual actors are still targeting specific schools, such as Interlock’s attack on Reynella East College. Hackers like Interlock, Jenkins said, have a wide array of tools and techniques at their disposal to breach school networks.

“Interlock has been linked to social engineering techniques, including ClickFix-style attacks. The group has also been observed gaining initial access through drive-by downloads from compromised legitimate websites, which the FBI noted is a less common technique among ransomware groups,” Jenkins said.

“They have also been observed attempting to trick users into installing malware disguised as browser updates, which is a more traditional vector.”

Interlock, like many similar groups, is known to take its time during a ransomware attack, first conducting network reconnaissance and understanding how its victim works and what data is most useful to exfiltrate. In Interlock’s case, the data is not only stolen, but also encrypted in place, prompting the victim to pay a ransom not only to stop its data being published and shared with other cyber-criminals, but also to receive a decryptor to unlock the data.

And all while the threat actor maintains a high degree of stealth.

“One of the reasons these attacks can go undetected for so long is because the attackers deliberately blend into the environment as they identify valuable systems and sensitive data,” Jenkins said.

“Overall, schools are vulnerable to the same wide range of attack vectors as any other organisation, and every ransomware group has its preferred tactics. Some are on the simpler side, like ClickFix, others rely on traditional phishing, while more cutting-edge groups exploit vulnerabilities in third-party software.”

However, while the Reynella East College breach is no doubt devastating, it’s emblematic of a wider problem: despite the fact that schools hold reams of sensitive data, they’re often ill-equipped to secure it, and often short of resources.

“There's no single cause, but cost can be a factor, especially for public schools. When schools are strapped for funding, cyber security sometimes gets pushed aside as an IT expense rather than being recognised as a student safety issue,” Jenkins said.

“Another problem is the assumption that some schools are too small or too local to attract cyber-criminal attention. That is a dangerous misconception we see across all industries. Attackers often prefer smaller or less mature organisations because they may have fewer security controls.”

Even the most basic cyber hygiene measures can make a difference, even if – as appears to be the case with Reynella East College – but preventative controls matter, too, Jenkins said.

“For Australian schools, the advice in the Essential Eight is a good starting point and Zero Trust controls like application allowlisting, least privilege access, and segmenting systems that do not require cross-access are all important defences.”

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.