ALBUQUERQUE: For teachers at a middle school in New Mexico’s largest city, the first inkling of a widespread tech problem came during an early morning staff call.
On the video, there were shout-outs for a new custodian for his hard work, and the typical announcements from administrators and the union rep. But in the chat, there were hints of a looming crisis. Nobody could open attendance records, and everyone was locked out of class rosters and grades.
Albuquerque administrators later confirmed the outage that blocked access to the district’s student database — which also includes emergency contacts and lists of which adults are authorized to pick up which children — was due to a ransomware attack.
“I didn’t realize how important it was until I couldn’t use it,” said Sarah Hager, a Cleveland Middle School art teacher.
Cyberattacks like the one that canceled classes for two days in Albuquerque’s biggest school district have become a growing threat to US schools, with several high-profile incidents reported since last year. And the coronavirus pandemic has compounded their effects: More money has been demanded, and more schools have had to shut down as they scramble to recover data or even manually wipe all laptops.
“Pretty much any way that you cut it, incidents have both been growing more frequent and more significant,” said Doug Levin, director of the K12 Security Information Exchange, a Virginia-based nonprofit that helps schools defend against cybersecurity risk.
Precize data is hard to come by since most schools are not required to publicly report cyberattacks. But experts say public school systems — which often have limited budgets for cybersecurity expertise — have become an inviting target for ransomware gangs.
The pandemic also has forced schools to turn increasingly toward virtual learning, making them more dependent on technology and more vulnerable to cyber-extortion. School systems that have had instruction disrupted include those in Baltimore County and Miami-Dade County, along with districts in New Jersey, Wisconsin and elsewhere.
Levin’s group has tracked well over 1,200 cybersecurity incidents since 2016 at public school districts across the country. They included 209 ransomware attacks, when hackers lock data up and charge to unlock it; 53 “denial of service” attacks, where attackers sabotage or slow a network by faking server requests; 156 “Zoombombing” incidents, where an unauthorized person intrudes on a video call; and more than 110 phishing attacks, where a deceptive message tricks a user to let a hacker into their network.
Recent attacks also come as schools grapple with multiple other challenges related to the pandemic. Teachers get sick, and there aren’t substitutes to cover them. Where there are strict virus testing protocols, there aren’t always tests or people to give them.
In New York City, an attack this month on third-party software vendor Illuminate Education didn’t result in canceled classes, but teachers across the city couldn’t access grades. Local media reported the outage added to stress for educators already juggling instruction with enforcing COVID-19 protocols and covering for colleagues who were sick or in quarantine.
Albuquerque Superintendent Scott Elder said getting all students and staff online during the pandemic created additional avenues for hackers to access the district’s system. He cited that as a factor in the Jan. 12 ransomware attack that canceled classes for some 75,000 students.
The cancelations — which Elder called “cyber snow days” — gave technicians a five-day window to reset the databases over a holiday weekend.
Elder said there’s no evidence student information was obtained by hackers. He declined to say whether the district paid a ransom but noted there would be a “public process” if it did.
Hager, the art teacher, said the cyberattack increased stress on campus in ways that parents didn’t see.
Fire drills were canceled because fire alarms didn’t work. Intercoms stopped working.
Nurses couldn’t find which kids were where as positive test results came in, Hager said. “So potentially there were students on campus that probably were sick.” It also appears the hack permanently wiped out a few days worth of attendance records and grades.
Edupoint, the vendor for Albuquerque’s student information database, called Synergy, declined to comment.
Many schools choose to keep attacks under wraps or release minimal information to prevent revealing additional weaknesses in their security systems.
“It’s very difficult for the school districts to learn from each other, because they’re really not supposed to talk to each other about it because you might share vulnerabilities,” Elder said.
Last year, the FBI issued a warning about a group called PYSA, or “Protect Your System, Amigo,” saying it was seeing an increase in attacks by the group on schools, colleges and seminaries. Other ransomware gangs include Conti, which last year demanded $40 million from Broward County Public Schools, one of the nation’s largest.
Most are Russian-speaking groups that are based in Eastern Europe and enjoy safe harbor from tolerant governments. Some will post files on the dark web, including highly sensitive information, if they don’t get paid.
While attacks on larger districts garner more headlines, ransomware gangs tended to target smaller school districts in 2021 than in 2020, according to Brett Callow, a threat analyst at the firm Emsisoft. He said that could indicate bigger districts are increasing their spending on cybersecurity while smaller districts, which have less money, remain more vulnerable.
A few days after Christmas, the 1,285-student district of Truth or Consequences, south of Albuquerque, also had its Synergy student information system shut down by a ransomware attack. Officials there compared it to having their house robbed.
“It’s just that feeling of helplessness, of confusion as to why somebody would do something like this because at the end of the day, it’s taking away from our kids. And to me that’s just a disgusting way to try to, to get money,” Superintendent Channell Segura said.
The school didn’t have to cancel classes because the attack happened on break, but the network remains down, including keyless entry locks on school building doors. Teachers are still carrying around the physical keys they had to track down at the start of the year, Segura said.
In October, President Joe Biden signed the K-12 Cybersecurity Act, which calls for the federal cybersecurity agency to make recommendations about how to help school systems better protect themselves.
New Mexico lawmakers have been slow to expand Internet usage in the state, let alone support schools on cybersecurity. Last week, state representatives introduced a bill that would allocate $45 million to the state education department to build a cybersecurity program by 2027.
Ideas on how to prevent future hacks and recover from existing ones usually require more work from teachers.
In the days following the Albuquerque attack, parents argued on Facebook over why schools couldn’t simply switch to pen and paper for things like attendance and grades.
Hager said she even heard the criticism from her mother, a retired school teacher.
“I said, ‘Mom, you can only take attendance on paper if you have printed out your roster to begin with,’” Hager said.
Teachers could also keep duplicate paper copies of all records — but that would double the clerical work that already bogs them down.
In an era where administrators increasingly require teachers to record everything digitally, Hager says, “these systems should work.”
Cyberattacks increasingly hobble pandemic-weary US schools
https://arab.news/nghzb
Cyberattacks increasingly hobble pandemic-weary US schools
- Cyberattacks like the one that canceled classes for two days in Albuquerque’s biggest school district have become a growing threat to US schools
Denmark sent Trump team private messages on Greenland, Axios reports
- Axios said that the Danish government wanted to convince Trump that his security concerns could be addressed without claiming Greenland
- The Trump transition team did not respond to a request for comment on the Axios report
COPENHAGEN: Denmark sent private messages to US President-elect Donald Trump’s team expressing willingness to discuss boosting security in Greenland or increasing the US military presence there without claiming the island, Axios reported on Saturday, citing two sources.
Trump, who takes office on Jan. 20, has described US control of Greenland, a semi-autonomous Danish territory, as an “absolute necessity.” He did not dismiss the potential use of military or economic means, including tariffs against Denmark.
Axios said that the Danish government wanted to convince Trump that his security concerns could be addressed without claiming Greenland.
A spokesperson for the Trump transition team did not respond to a request for comment on the Axios report.
Danish Prime Minister Mette Frederiksen said earlier this week that she had asked for a meeting with Trump, but did not expect it to happen before his inauguration. Greenland Prime Minister Mute Egede too said he was ready to speak with Trump but urged respect for the island’s independence aspirations.
Denmark has previously said that Greenland is not for sale.
Ukraine says questioning 2 captured North Korean soldiers
- “Our soldiers captured North Korean soldiers in the Kursk region,” Ukrainian President Volodymyr Zelensky wrote on social media
- The SBU security service gave some details of the men’s interrogation, saying both described themselves as experienced soldiers
KYIV: Ukraine said Saturday that investigators were questioning two wounded North Korean soldiers after they were captured in Russia’s Kursk region, saying they provided “indisputable evidence” that North Koreans were fighting for Moscow.
It is not the first time that Kyiv has claimed the capture of North Korean soldiers during its Kursk incursion but it has not reported being able to question any before.
In December it said it took several captive but they died from serious wounds.
“Our soldiers captured North Korean soldiers in the Kursk region. These are two soldiers who, although wounded, survived and were brought to Kyiv, and are talking to SBU investigators,” Ukrainian President Volodymyr Zelensky wrote on social media.
The SBU security service gave some details of the men’s interrogation, saying both described themselves as experienced soldiers and one said he had been sent to Russia for training, not to fight.
But Ukraine has not provided any evidence that the men are North Korean.
In video released by the SBU, two men with Asian features are shown in hospital bunks, one with bandaged hands and the other with a bandaged jaw. A doctor at the detention center says the second man also has a broken leg.
Pyongyang has deployed thousands of troops to reinforce Russia’s military, including in the Kursk border region where Ukraine mounted a shock incursion in August last year.
Zelensky had said in late December that Ukraine had captured several seriously wounded North Korean soldiers who later died.
He said Saturday that it was difficult to capture North Koreans fighting because “Russians and other North Korean soldiers finish off their wounded and do everything to prevent evidence of the participation of another state, North Korea, in the war against Ukraine.”
He said he would provide media access to the prisoners of war because “the world needs to know what is happening.”
Ukraine’s Foreign Minister Andriy Sybiga wrote on X that the “first North Korean prisoners of war are now in Kyiv,” calling them “regular DPRK troops, not mercenaries.”
“We need maximum pressure against regimes in Moscow and Pyongyang,” he wrote.
The men do not speak Russian or Ukrainian and communication is through Korean interpreters, the SBU said, adding that this was “in cooperation” with South Korea’s National Intelligence Service.
The SBU video does not show the men speaking Korean. AFP reporters in Seoul have contacted the NIS for comment.
The SBU said the men’s capture provided “indisputable evidence of the DPRK’s participation in Russia’s war against our country.”
It showed a Russian army ID card issued to a 26-year-old man from Russia’s Tyva region bordering Mongolia.
The SBU said that one POW carried this military ID card “issued in the name of another person” while the other had no documents at all.
Some reports have said Russia is hiding North Korean fighters by giving them fake IDs.
The SBU said the man with the Tyvan ID had told them he was given it in Russia in autumn 2024 when some North Korean combat units had “one-week interoperability training” with Russian units.
The man said he believed he was “going for training, not to fight a war against Ukraine,” the SBU said.
The man said he was a rifleman born in 2005 and had been in the North Korean army since 2021.
The other man wrote answers because of an injured jaw, saying he was born in 1999, joined the army in 2016 and was a scout sniper, the SBU said.
The SBU said the men were captured separately — one on Thursday — by special forces and paratroopers.
They are being provided with medical care and “held in appropriate conditions that meet the requirements of international law,” the SBU said.
Russia’s army said Saturday that it had gained territory in Ukraine’s eastern Donetsk region northwest of the logistics hub of Kurakhove, which it claimed to have captured Monday.
The defense ministry said troops had “liberated” Shevchenko, a rural settlement about 10 kilometers (six miles) northwest of Kurakhove.
Shevchenko, a large village, is located west of the reservoir near Kurakhove and “is necessary to take under control, to protect the town from shelling,” the RIA Novosti state news agency reported.
“Now Russian troops can move further toward the western border of the Donetsk People’s Republic,” it said.
Russia claims to have annexed the Donetsk region, which it refers to as the Donetsk People’s Republic, though it does not control the whole region.
Ukraine has not confirmed the loss of Kurakhove, which had around 18,000 inhabitants before Russia launched its 2022 offensive.
The Ukrainian military’s General Staff said Saturday that troops had stopped Russia’s offensive actions in the area, including around Kurakhove.
Russia is also moving close to taking the vital frontline city of Pokrovsk north of Kurakhove.
Donetsk’s regional governor Vadym Filashkin said Saturday that one person had been killed and another wounded in Pokrovsk over the last day.
In the southern Zaporizhzhia region, a Russian drone attacked a car in a village near the front line, killing a 47-year-old woman on the spot, its governor Ivan Fedorov wrote on Telegram.
Top Indian university hosts special course on Saudi transformation, Vision 2030
- Indian Ministry of Education-sponsored program will take place at Jawaharlal Nehru University on Jan. 20-25
- Key speaker will be Prof. Joseph Albert Kechichian from King Faisal Center for Research and Islamic Studies
NEW DELHI: One of India’s most prestigious educational institutions will host a special course this month about Saudi Arabia’s transformation programs and Vision 2030, as relations between the countries deepen.
The five-day course is organized by Jawaharlal Nehru University in New Delhi in cooperation with the Ministry of Education under the Indian government’s Global Initiative of Academic Networks program to encourage exchanges with the world’s top faculty members and scientists.
Scheduled to start on Jan. 20, the course will be led by Prof. Joseph Albert Kechichian, senior fellow at the King Faisal Center for Research and Islamic Studies in Riyadh, who specializes in West Asian politics and foreign policy, especially of the Gulf region.
About 70 participants, including scholars, professionals and young researchers are expected to attend the sessions, said Prof. Sameena Hameed form the JNU’s Centre for West Asian Studies, who coordinates the course.
“It’s a Ministry of Education program, it’s a highly prestigious ... Saudi Arabia is one of our key partners in the Gulf region, where India has key energy trade investment and remittance interest,” she told Arab News.
“We have about 2 million Indians working there. India and Saudi Arabia are looking at each other with keen interest: How to harness this partnership for mutual development, for trade investment and other educational engagements.”
Saudi-Indian ties have steadily gained prominence over the past three decades, and reached a new level of engagement in 2019, following Crown Prince Mohammed bin Salman’s visit to New Delhi and the establishment of the Strategic Partnership Council.
This foundation set the stage for further collaboration, which gained momentum when Saudi Arabia presided over the Group of 20 largest economies in 2020, followed by India’s presidency of the bloc in 2023. The evolving relationship has not only deepened strategic ties but also fostered cooperation in trade, security, new technologies and regional stability.
The upcoming course at JNU aims to equip the participants with knowledge about key transformation programs underway in the Kingdom under its Vision 2030, and to understand its position at the local, regional and global levels.
“The rapid transformation the Kingdom has gone through under King Salman and Crown Prince Mohammed bin Salman is important and needs greater academic discussions and understanding,” said Md. Muddassir Quamar, associate professor at the Centre for West Asian Studies.
“Vision 2030 promises not only to transform the Kingdom but also set the benchmark for developing societies that are working towards sustainable development with care for people, peace, prosperity and environment. India, in particular, is interested in a peaceful and stable West Asia given its deep and historic relations with the region and its strategic interests in the stability of the region. With Vision 2030 Saudi Arabia is set to take a leap forward in its developmental goals, and India views it as significant in ensuring a stable West Asia.”
British Muslims plan MCB alternatives to represent communities
- New bodies to provide civil, political support to Muslims in UK
- Successive governments have refused to fully engage with established Muslim bodies
LONDON: A number of British imams are in the process of establishing new organizations to represent the UK’s Muslim communities, The Times reported on Saturday.
A series of governments have refused to engage with established Muslim bodies, including the Muslim Council of Britain, creating a “vacuum” between politicians and British Muslims, according to community leaders.
Other groups — such as the Mosques and Imams National Advisory Board, the British Board of Imams and Scholars, and Tell Mama, an organization monitoring Islamophobia — are deemed too small to effectively lobby for or represent the UK’s 3.8 million Muslims.
The MCB represents around 500 mosques, schools and charities in the UK on social issues, but does not issue religious declarations.
The Labour government under Tony Blair had ties with it, but saw those severed in 2009 under Gordon Brown after the MCB’s then-deputy leader signed a declaration that was viewed as a call for violence against the Royal Navy and Israel.
The current Labour government talks to various Muslim groups on an “ad hoc” basis, said Qari Asim, senior imam at the Makkah Mosque in Leeds.
A source told The Times that rather than “simply a new entity to replace the MCB,” a “series of new initiatives” would be established “focused on increasing connection between British Muslims and the British government and trying to better represent and engage British Muslims.”
Another source told the newspaper: “It is a group of people from broad civil society who happen to be Muslim, from lawyers to doctors to economists to accountants.
“It’s a huge community (but) there is a lack of serious engagement (from government) and a whole load of expertise and experience not being tapped into by policymakers and others.”
Sariya Cheruvallil-Contractor, professor in the sociology of Islam at Coventry University, told The Times that the government is “missing a trick” by not engaging with the MCB, warning that there is “a lot of suspicion within Muslim communities of new initiatives.”
UK must weigh repatriating Daesh members in Syria, terror adviser says
- Jonathan Hall KC: ‘It wouldn’t prevent them from potentially being prosecuted for what they’ve done’
- Trump’s counterterrorism adviser has also urged Britain to take back citizens who joined Daesh
LONDON: The UK must consider repatriating British members of Daesh held in Syrian detention camps, the government’s independent terrorism adviser has said.
“Repatriation would not be moral absolution. If someone came back it wouldn’t prevent them from potentially being prosecuted for what they’ve done,” Jonathan Hall KC, the independent reviewer of terrorism legislation, told the BBC.
The incoming Trump administration’s counterterrorism adviser Sebastian Gorka has also urged the UK to follow the US lead and take back its citizens who joined Daesh.
“Any nation which wishes to be seen to be a serious ally and friend of the most powerful nation in the world should act in a fashion that reflects that serious commitment,” Gorka said.
“That is doubly so for the UK which has a very special place in President (Donald) Trump’s heart, and we would all wish to see the ‘special relationship’ fully re-established.”
One high-profile Briton who traveled to Syria to support Daesh is Shamima Begum, who left London as a teenager in 2015.
Her citizenship was stripped in 2019. Foreign Secretary David Lammy has said Begum “will not be coming back to the UK.”
Hall said: “It could be quite a pragmatic decision in the overall interests of national security to bring someone back.
“There is obviously some national security benefit of leaving people there because you don’t have to monitor them.
“On the other hand, there haven’t yet been any attacks in Europe by anyone who has been repatriated in this way and if they are left there ... and then they escape, they would be much more dangerous, actually, to the UK.”
The US and some European countries have repatriated their citizens from Syrian camps. Many have been put on trial and imprisoned.
Lammy said Begum’s case has been reviewed in court and the 25-year-old is “not a UK national.”
Many of the detainees are “dangerous, are radicals,” he told the “Good Morning Britain” show on Thursday.
Opposition leader Kemi Badenoch has also said Begum should not be allowed to return to the UK.
“Citizenship means committing to a country and wanting its success. It’s not an international travel document for crime tourism,” Badenoch said.
