FBI Warns Pysa Ransomware Targeting Education Sector
The FBI has warned the public that malicious actors are targeting education sector organizations in a campaign distributing the Psya ransomware variant. The alert was issued to organizations in the US and UK, advising the potential targets to practice high caution over the next several weeks. The attacks have been hitting higher education institutions, K-12 schools, and seminaries in 12 US states and the UK.
The FBI has been tracking the variant since March 2020 and has observed attacks on multiple sectors including US and foreign governments, healthcare, and private sector organizations. The FBI states that the initial point of entry is via phishing emails or RDP endpoints hijacked through compromised credentials. The threat actors also allegedly seek to disable anti-virus capabilities on a victim’s network before distributing the Psya ransomware.