While this attack did not result in a data breach or a hack, it did cause Infinite Campus' applications to be limited for school districts across the country including: Oklahoma City Public Schools, Edmond (OK) Public Schools, Moore (OK) Public Schools, Natrona County (WY) School District, and several others. This attack is a textbook Denial of Service (DDoS) attack.
At this point it is unclear who may be responsible for the DoS attack but Homeland Security and contracted cyber-security experts are now investigating the matter.
Read Infinite Campus' statement on the attack here.
According to Sophos, a Denial of Service (DoS) attack is an attempt to make a machine or network resource unavailable to the intended users. One common method of attack involves saturating the target machine with external communications requests so that it cannot respond to legitimate traffic or the machine responds so slowly that it is essentially useless."
You can protect your network against DoS attacks by configuring DoS settings on your firewall. With the Sophos XG Firewall, you can set the appropriate Packet and Burst rates under DoS Settings. This will prevent the massive saturation of external communication requests that cause organizations' services to slow down rendering the services useless as in the case of the Infinite Campus attack.
Downtime of services can be devastating for organizations of all sizes. DoS attacks have a track record of shutting down websites, internet service, and servers. While DoS attacks have only become an occasional event in recent years, it is still a good idea to have a synchronized security model to protect against all types of attack.
Watch Pine Cove Consulting's XG Firewall webinar to learn how to protect your organization from DoS attacks"