According to a survey by Consortium for School Networking, only 15% of technology leaders said they had implemented a cybersecurity plan for their school district. Spending little time and money on cybersecurity initiatives has motivated hackers to exploit weaknesseses in systems, as shown in magecart attacks. Magecart, a form of a digital skimming attack that steals credit card or payment data from web visitors, has exponentially grown since its inception. What started in 2016 as a consortium of hacker groups has now transitioned into targeting all kinds of institutions, most recently the education system. In January 2020, Blue Bear software fell victim to Magecart. Blue Bear is a SaaS solution that facilitates administration and management of school accounting, student fees, and online stores on behalf of schools. In this article, we’ll look at the root cause of the breach, relevant security trends, and potential solutions to these problems.
The Magecart Attack
The school ended up sending out a breach notification letter to the impacted families, offering them free identity monitoring services. It mentioned that the attack had gathered information for over a month. The school also suggested putting credit freezes to reduce the impact of the attack on the affected individuals.
Since the school was using a cloud-based software for its payment provider (Magento), they could have implemented a solution known as CloudGuard SaaS, which provides real-time threat prevention capabilities. This solution can automatically search for any suspicious code changes done by SQL injections, using the award-winning collaborative network known as ThreatCloud. For more information on this technology, feel free to reach out to me for a consultation.