Pine Cove Blog

Breaking Down the Infinite Campus DoS Cyber-Attack

Written by Jace Holyoak | Oct 15, 2018 9:42:36 PM

Infinite Campus is one of the largest databases for student information serving more than 7.8 million students across 45 states. Being source of so much valuable data, Infinite Campus frequently encounters cyber-threats from a variety of sources. On Monday, September 17th Infinite Campus faced the largest single cyber-attack which it claims was 50 times greater and 100 times longer in duration than anything they have ever experienced before.

While this attack did not result in a data breach or a hack, it did cause Infinite Campus' applications to be limited for school districts across the country including: Oklahoma City Public Schools, Edmond (OK) Public Schools, Moore (OK) Public Schools, Natrona County (WY) School District, and several others. This attack is a textbook Denial of Service (DDoS) attack.

At this point it is unclear who may be responsible for the DoS attack but Homeland Security and contracted cyber-security experts are now investigating the matter. 

Read Infinite Campus' statement on the attack here.

What is a Denial of Service attack?

According to Sophos, a Denial of Service (DoS) attack is an attempt to make a machine or network resource unavailable to the intended users. One common method of attack involves saturating the target machine with external communications requests so that it cannot respond to legitimate traffic or the machine responds so slowly that it is essentially useless."

Protecting your network from a DoS attack

You can protect your network against DoS attacks by configuring DoS settings on your firewall. With the Sophos XG Firewall, you can set the appropriate Packet and Burst rates under DoS Settings. This will prevent the massive saturation of external communication requests that cause organizations' services to slow down rendering the services useless as in the case of the Infinite Campus attack. 

Conclusion

Downtime of services can be devastating for organizations of all sizes. DoS attacks have a track record of shutting down websites, internet service, and servers.  While DoS attacks have only become an occasional event in recent years, it is still a good idea to have a synchronized security model to protect against all types of attack. 

Watch Pine Cove Consulting's XG Firewall webinar to learn how to protect your organization from DoS attacks"