On October 2nd, an unknown group sent death threats to an Iowa based Johnston Community School District forcing it to close some of its schools. The messages sent to parents via text included physically harming their kids and even killing them.
According to an official statement from Johnston Community School District “Around 8 p.m. on the evening of October 2, individual students and parents within our school district received anonymous messages, threatening the safety and security of our students. In an effort of caution, we will be canceling school for all students and district staff on Tuesday, October 3. All district buildings will be closed, and there is no KTC program.”
Now, reportedly, Dark Web hacking group going by the handle of Dark OverLord has claimed responsibility for sending threats. Not only that, the group has also leaked personal data of students that includes student names, telephone numbers, addresses, and voicemails.
The Dark OverLord works in a way where it first looks for zero-day vulnerabilities in the targeted system, breaches it then holds data for ransom. In some cases, the group demands money from large enterprises which have in the past included Netflix and WestPark Capital Bank.
Last year, the same group was responsible for selling multiple US healthcare insurance database containing
Some targeted victims involved the Federal Bureau of Investigation (FBI) to solve the issue which the group took as an offense. “We’re escalating the intensity of our strategy in response to the FBI’s persistence in persuading clients away from us,” The Dark Overlord, told The Daily Beast.
In the case of Iowa, the group claimed to hack Johnston Community School District and stole a trove of data allowing it to access personal and contact details of students which further led the sending of threatening messages to parents.KCCI reported that one of the messages sent out to a family stated that “I’m going to kill some kids at your son’s high school.”
With every new day, hackers are getting sophisticated in identifying zero-day flaws which allows them to conduct their attack further. Schools and other educational institutes should hire cybersecurity firms to analyze threats surrounding officials and students.