Cathedral Prep Hit by INC Ransom Ransomware Attack
Incident Date:
September 11, 2024
Overview
Title
Cathedral Prep Hit by INC Ransom Ransomware Attack
Victim
Cathedral Prep
Attacker
Inc Ransom
Location
First Reported
September 11, 2024
Ransomware Attack on Cathedral Prep by INC Ransom
Cathedral Preparatory School, a private Catholic high school located in Erie, Pennsylvania, has recently fallen victim to a ransomware attack orchestrated by the cybercriminal group INC Ransom. The attack has potentially jeopardized sensitive data and disrupted the educational operations of this esteemed institution.
About Cathedral Prep
Cathedral Prep, established in 1921 by Archbishop John Mark Gannon, is part of the Roman Catholic Diocese of Erie. The school employs between 51-100 people and serves approximately 664 students. Known for its rigorous academic curriculum, Cathedral Prep offers 20 Advanced Placement (AP) courses and boasts a 100% college acceptance rate for its graduating class. The school also emphasizes extracurricular activities, with over 32 clubs and a robust athletics program.
What Makes Cathedral Prep Stand Out
Cathedral Prep is renowned for its commitment to holistic education, focusing on the moral, intellectual, social, and physical development of its students. The school’s mission is to prepare students for higher education and instill values that will help them become responsible members of society. This comprehensive approach has established Cathedral Prep as a respected institution in the Erie community and beyond.
Vulnerabilities and Targeting
Educational institutions like Cathedral Prep are often targeted by ransomware groups due to the valuable personal and financial information they hold. The school's extensive use of digital platforms for academic and administrative purposes makes it susceptible to cyberattacks. The ransomware group INC Ransom likely exploited these vulnerabilities to gain unauthorized access to Cathedral Prep's systems.
Attack Overview
The ransomware attack on Cathedral Prep was claimed by INC Ransom via their dark web leak site. The group is known for its sophisticated techniques, including spear-phishing campaigns and exploiting vulnerabilities such as CVE-2023-3519 in Citrix NetScaler. INC Ransom employs a double extortion tactic, encrypting data and threatening to release it publicly to increase pressure on victims to comply with ransom demands.
About INC Ransom
INC Ransom is a highly sophisticated cybercriminal group that has gained notoriety for its targeted ransomware attacks on various industries, including healthcare, education, government entities, and technology companies. The group uses advanced techniques for reconnaissance and lateral movement within a network, making it a formidable threat. INC Ransom has been active since 2023 and has claimed responsibility for breaching numerous organizations, including Xerox Corp and NHS Scotland.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.