While cyberattacks on large companies and government organizations usually make headlines, about 80 percent of attacks now target educational institutions, including schools, colleges, and universities. This somewhat surprising number is based on Microsoft Global Threats report that tracks reports of enterprise malware encounters over the past 30 days. And according to a new report by Check Point Researcheducation and research has seen growth of 114% over the past two years, making it the most attacked industry sector.
While cyberattacks on educational institutions are nothing new, the scale of the threat reflected in these reports is a wake-up call for those responsible for IT and security. The need to quickly adapt to distance learning during the pandemic has made many schools, colleges and universities more vulnerable targets and increased the potential attack surface for hackers to penetrate computer networks. With distance learning, there is a growing number of personal and unmanaged devices that can be unsecured and used by other family members.
Schools, colleges and universities are attractive targets for cybercriminals because they work with sensitive data and large budgets, but often lack the resources and staff when it comes to IT security skills. Malware Protection for Schools and Nonprofits (secureage.com)
Ransomware is on the rise
A large percentage of attacks on schools are ransomware attacks initiated by a student, staff member or parent who clicks on a malicious link in a phishing email and leads to the theft or encryption of school data, then demands money in exchange for its recovery. In a series of recent high-profile attacks, at least seven UK higher education institutions have been hit by a global ransomware attack targeting their US cloud computing provider. Universities affected by recent ransomware attacks include the University of Northampton, the University of Newcastle, the University of Hertfordshire and the University of Portsmouth. The University of Sunderland also revealed it had come under a suspected cyber attack with its phone lines, website and IT systems down.
In light of this rise in ransomware attacks, the UK’s National Cyber Security Center (NCSC) has issued a special warning saying it is “important that (schools) urgently review existing defenses and take the necessary steps to protect your networks from cyber attacks”.
Back to basics
While it’s critical that all educational institutions follow best practices when it comes to software updates and patches, backups, password policies, and security training, it’s clear that a traditional approach to cybersecurity isn’t working.
Simply putting in layers of defense to keep out cybercriminals is no guarantee, and determined hackers will always find a way to sneak in. And once they hit, increasingly sophisticated attacks make detection harder.
So, when it comes to stopping attacks in their tracks, it’s time to adopt a simple and reliable approach. Rather than trying to detect malicious code or applications running on end computers and systems, it’s a case of using “allow list” technology to stop unauthorized launch. It is a zero tolerance or trust approach to both known and unknown threats. If someone at home, in the classroom, or in the office clicks on a malicious link or opens a fake document that tries to install malware, it will stop them and trigger an alert. It is like a teacher at the school gate; if you are not registered, you cannot enter.
Data protection
Another approach is to focus on protecting the data rather than trying to prevent access to it through encryption. But all data must be protected at all times – not just at rest, but also in transit and in use, both on-premises and in the cloud. While full disk encryption technology protects data when it’s stored on a hard drive or USB stick (great if you lose your laptop), it’s useless for protecting data from unauthorized access or theft from a running system.
Even seemingly trivial information can be useful to cybercriminals, so it’s not a good idea to encrypt only the “most important” or “sensitive” data. With advancements in technology and high processing speeds, continuous data encryption can now be used to protect all data at all times. It’s a case of beating extortionists at their own game. You cannot demand ransom for garbage.
It’s time for schools, colleges and universities to get back to the basics of cybersecurity. The combination of zero tolerance and data-centric security will go a long way in protecting their data and reputation in the face of increasing attacks.
Learn more about SecureAge technology here.
You may also like: National Cyber Security Center Warns of Increasing Ransomware Attacks on the Education Sector
https://edtechnology.co.uk/comments/lessons-on-cyber-security-for-schools-colleges-and-universities/