4 Cybersecurity Initiatives Your School District Should Already Have Underway
In 2020, hackers had school districts nationwide up against the ropes as they broke the record for school cyber-attacks. The shift to remote learning as well as the expansion of harmful ransomware varieties contributed to an increase in school-related attacks by 18%. Whether caused by data breaches and leaks, phishing attacks, ransomware, or any other number of malicious strategies, it was the students, faculty members, and districts that suffered most.
For districts to combat these cyber threats to schools in 2022 and beyond, cybersecurity stakeholders need to implement a holistic approach to their strategies. Through the lens of “people, process, and tools,” we will discuss basic controls including phishing prevention, secure access, endpoint remediation and recovery strategies that your security teams should review (and if you need help, that IT security solutions providers like iSphere can provide).
While teachers were working from home in 2020, at least 15% to 20% of teachers clicked on phishing scam links. The challenge is that many of the traditional ways that organizations have attempted to dissuade their users from clicking on phishing links are no longer working and hackers tailor their attacks to each specific industry or organization.
For example, if hackers compromise an administrator’s email account, sending out malignant links disguised as mask policies or updates to remote learning protocols, most teachers will click without a second thought. More than just providing students, teachers, and administrators with a list of don’ts, it’s important to educate them about the impact of phishing attacks on their personal data and that of people throughout the school district.
Additionally, it’s important to address phishing attacks in a way that does not dissuade people from self-reporting their mistakes. For example, when an organization calls out specific users by name during evaluations and trainings, this can create a sense of fear or anxiety that will encourage people not to notify your cybersecurity team of issues, hindering your response time. Handle everything discreetly if you want your cybersecurity apparatus to be trusted by your people and as responsive as necessary.
Controlling who can and cannot access school systems has been an ongoing struggle for years. Apathetic students and overworked staff are going to be less inclined to practice password hygiene than employees in the private sector (and that’s not saying much). They’ll choose whichever passwords they can most easily remember, reuse those passwords, or even share them with other users to avoid extra steps. It’s no surprise that one of the biggest cyber threats in schools is coming from within the organization itself.
Over the years, security specialists and cybercriminals have played a game of tug of war, each side innovating to overcome the other’s actions. Since passwords and other single-factor authentication measures no longer competitive, many cybersecurity experts have been recommending the zero-trust security framework to mitigate all but the most inventive attacks. This type of framework treats the very idea of “trust” as a vulnerability and requires that users and devices authenticate their identity and permissions with every single request to access applications and data.
And though passwords aren’t the be-all-and-end-all, they can still be useful as a layer of security, if you encourage students and staff to brainstorm creative and difficult to crack passwords. The common choice, a random string of different letters, characters, and numbers have proven to be much easier to crack (and harder to remember) than a longer string of randomly chosen words. This xkcd comic hits home the point perfectly (though we don’t suggest you use the exact example used).
Most school districts have prepared for cyber threats against endpoints such as PCs inside and outside their networks. The question is: are you thinking about mobile devices in your endpoint strategy? More and more, students and teachers are using their own devices to access learning platforms, education materials, or even school district communications. Hackers recognize this and take advantage of this overlooked possibility.
Hiddad is a great example. This Android malware repackages legitimate mobile apps and rereleases them in third-party app stores as a trojan attack. Once installed, this type of malware displays full screen ads that generate revenue for hackers and disrupt the user’s mobile experience. When a mobile user attempts to uninstall the application, they’ll have a tough time finding the hidden or intentionally mislabeled app within their files. That’s just one example in a larger ecosystem of mobile malware or exploitation tools.
One of the best cybersecurity strategies in this regard is NextGen Endpoint Detection and Response (EDR). This technology monitors and stores all endpoint behavior to determine any suspicious activity, enable informed decision making, and prevent malicious actions that you have encountered before they can do damage.
Though these solutions are becoming more common, it’s important that any tool you choose provides comprehensive visibility and insight to allow your team to move fast and efficiently to protect your systems and data.
Ransomware is the nightmare of cybersecurity professionals everywhere. Moreover, it’s one of the cyber threats to schools which has grown the most in the last five years. According to Pew Trust, ransomware demands have skyrocketed from an average of $3,000 in 2015 to an average of $250,000 in 2020. Worst yet, the total amount schools lost to this type of malware during all of 2020 amounted to $4.1 billion.
The traditional response to malware has been to create regular system backups that school districts can revert to rather than paying a ransom. Cybercriminals have wised up to that tactic and are deploying some clever workarounds of their own.
Some will breach systems, exfiltrate sensitive data, and set a ransom for the stolen information. Others will enter your system to delete your backups and shadow copies and then wring a ransom from your district. Either way, the conventional approach no longer works with the same degree of success. Pairing the same zero trust framework, multifactor authentication, and password hygiene as outlined above with encryption and dark web monitoring solutions can defang ransomware attacks before they strike.
Want to ensure that you are prepared for the most common cyber threats to schools? Sign up for our upcoming webinar “Are Your Security Controls Putting Student and Staff Data at Risk?” to verify that you’re covering your bases.
Sign up to be notified about our upcoming webinar