Education Sector

3 out of every 5 malware attacks in the past month

Microsoft Security Intelligence found that 61 percent of nearly 7.7 million enterprise malware encounters reported in the past month came from those in the education sector, making it the most affected industry. In North Carolina, there were 5 ransomware attacks on school districts in the first 8 months of 2020.

Remote learning due to the pandemic has increased the use of technology for teaching, learning and continuing school operations. This has caused schools to become more vulnerable to cyberattacks.

Cybersecurity is a top concern. It was the No. 1 priority  IT leaders indicated in a 2020 educational technology leadership survey conducted by the Consortium for School Networking (CoSN). “The shift to remote learning opens the door for different points of attack that most school districts weren’t set up to support,” says Amy McLaughlin, cybersecurity project director for CoSN.

Types of data compromised by cyber attack include:

  • Personally identifiable information (PII)
  • Biometric data
  • Academic progress
  • Behavioral, disciplinary, and medical information
  • Web browsing history
  • Students’ geolocation
  • IP addresses used by students
  • Classroom activities

Malicious use of this sensitive data could result in social engineering, bullying, tracking, identity theft, or other means for targeting children.

Why Schools are seeing more threats

  • Lack of funding and resources needed to build a strong cybersecurity program
  • Lack of Cyber security awareness training
  • Not a priority in the past as education sector was considered a low risk target
  • Increased threat surface from remote learning
  • Knowledge and experience gap. Not enough employees who have the expertise to effectively manage cybersecurity and develop engaging and ongoing training

Top cyber security threats

The most common threat is Phishing (mostly social engineering attacks)where scammers use to trick users into giving them confidential information such as passwords and network credentials or installing malicious software through fraudulent downloads or attachments. According to CoSN, over 90 percent of cyberattacks start with Phishing.

Shift to virtual environments have increased pandemic-related phishing campaigns. eg., Cyber actors are impersonating government agencies asking for bank account information to issue stimulus checks.  Fake businesses pretending to sell personal protective equipment.

Schools are increasingly being target by Ransomware attacks, which encrypts the data and requires a ransom to be paid in order to regain access to the data. The threat of releasing the data is also sometimes made unless a ransom is paid. Sometimes threatening e-mails are sent to parents and students with ransom being demanded from the schools.

IOT (Internet of Things) devices are also adding to cyber threats. This include district owned equipment such as security cameras and other devices that may be student or teacher owned such as watches or cloud-based voice service devices. These devices often lack security or are not updated on a regular cycle.

Security awareness training is essential to lower the cyber risk. First a security policy needs to be established or a new policy created. Part of that policy should include an incident response plan to be able to react, contain and recover from a security attack. We recommend a multi phase approach to cyber security that covers both proactive and reactive steps. The 3D of Benchmark security are Defend, Detect, Defuse. 

We can help you assess your current security gaps and then propose a plan to mitigate those risks.


Colleges and Universities are not immune

The increased threat of cyber attacks is not just limited to K-12 education. Higher education is increasingly under attack. There are more intellectual property at risk in higher education. University of California, San Francisco, School of Medicine was recently attacked by Ransomware and ended up paying $1.14M worth of Bitcoins in ransom. University of Utah Paid $457K After Ransomware Attack. University of North Carolina at Wilmington was notified by one of it's third party vendors of a ransomware incident.

Information Security Challenges in Higher Education

Higher education sector face unique security challenges not seen in other sectors. 

  • Legacy Hardware - University students use various types of devices including smart phones and legacy computers to access the network. Lot of these devices are less secure with out of date hardware and software opening the university network to more vulnerability.
  • Lack of Research Visibility for IT Staff - Intellectual property (IP) generated from research is a key source of income for the universities and funding organization. To keep this information confidential the IT staff have limited knowledge of these critical parts of the system to protect.
  • Open Culture - Universities by nature is a open environment where information flow freely, and the students use the school’s network to access this information. Weak passwords and too many users with access to too many areas poses a severe security threat.
  • Regulatory Compliance - Universities have to deal with various types of data that are governed by compliance regulations. The medical records of students are governed by HIPAA, the financial information falls under PCI, education records under FERPA etc.
  • Public Relations Problems After Cyber Attacks - Cyber attack always cause of lot of news coverage and concern from parents, students, faculty, and staff. These concerns and negative views linger long after the actual incident.
  • Third-Party Vendors - Vendors that host applications, websites for the university or have access to the university network expands the attack surface and make the institution more vulnerable.

We have been working with Universities and Colleges to help them with their networking and security needs. We can help you review and update your security policy, do security assessment, perform threat monitoring and remediation to name a few. Call us today.