Coralville expert: education a ‘target’ for hacker group Vice Society

Published: Aug. 3, 2022 at 10:15 PM CDT
Email This Link
Share on Pinterest
Share on LinkedIn

CEDAR RAPIDS, Iowa (KCRG) - A Coralville cybersecurity expert said within the last “three or four months” he has seen education become a “target” for the hacker group Vice Society.

Vice Society is credited with the ransomware attack on Linn-Mar Community School District.

Brandon Potter is the Chief Technology Officer for ProCircular, a cybersecurity firm based out of Coralville. He said the group Vice Society is “relatively new in this space.” He added they have probably been around for about a year.

TV9 asked if experts knew how big the group is or where they are from. “We don’t know any of those things,” said Potter. “They’re one of those that are kind of known, but unknown.”

“There are suspicions, but without confidence we can’t say where the attribution is,” said Potter. “These groups are frequently not US-backed, right? They are more nation-state. But it could be European, it could be Russian, North Korean. The attribution—just there’s not enough information there yet to tell.”

However, Potter said experts did have knowledge about how the group operates. “They’re commonly getting into networks or companies or on computer systems. They use malicious documents. Whether that be the a phishing attack that has it as an attachment, right? You see those invoice emails. ‘Hey, open this invoice. It’s overdue, I need you to pay it.‘”

Potter said when a person opens that attachment, it gives hackers “a foothold” in the system.

Potter also said the threats from the hackers are not empty ones. “Vice Society, if you cannot come into an agreement, is pretty— pretty much 100% releases data in all of the cases we’ve seen.”

He added that, along with making good on threats to release data if not paid, Vice Society also is known to release data if other experts get involved. “If you bring in a negotiation firm, and they realize that there’s a negotiation firm involved, they just stop and they post your data.”

Potter said that if there is a negotiation that is not going in their favor, hackers can post the data “because it gives them better credibility for their next victim.”

Potter said hackers go after easy targets with security that is more lax. However, one challenge is the human element combined with the increasing sophistication of the attacks. “Cybersecurity awareness training does work, but again, these attackers are getting very good.” Potter went on to say, “Some of those things you’re taught to look out for would maybe not be available to detect.” Potter gave the example of a hacker breaching a trusted email account.

Copyright 2022 KCRG. All rights reserved.