Lessons on cyber security for schools, colleges and universities
While cyber attacks on major companies and government organisations tend to grab the news headlines, around 80 percent of attacks are currently targeted at educational institutions including schools, colleges and universities. This somewhat surprising figure is based on Microsoft’s Global Threat Activity report that tracks reported enterprise malware encounters in the last 30 days. And according to a new report by Check Point Research, education and research have suffered a 114% increase over the past two years, making it the most attacked industry sector.
While cyber attacks on education institutions are nothing new, the scale of the threat reflected in these reports is a wake-up call for those in charge of IT and security. The need to adapt quickly to distance learning during the pandemic has made many schools, colleges and universities more vulnerable targets and increased the potential attack surface for hackers to infiltrate computer networks. With remote learning, there is a growth in personal and unmanaged devices, which may be unprotected and shared with other family members.
Schools, colleges and universities make attractive targets for cyber criminals because they are handling sensitive data and large budgets but are often under-resourced and under-staffed when it comes to IT security skills. Malware Protection program for schools and non-profits (secureage.com)
Ransomware on the rise
A large percentage of attacks on schools are ransomware attacks initiated through a pupil, member of staff or parent clicking on a malicious link in a phishing email and resulting in the theft or encryption of school data followed by demands for money in exchange for its recovery. In a series of recent high-profile attacks, at least seven higher education institutions in the UK were hit by a global ransomware attack that targeted their US-based cloud computing provider. Universities hit by recent ransomware attacks include University of Northampton, Newcastle University, University of Hertfordshire, and Portsmouth University. The University of Sunderland also revealed it experienced a suspected cyber attack with telephone lines, website and IT systems disabled.
Given this rise in ransomware attacks, the UK National Cyber Security Centre (NCSC) issued a special alert, stating that, “it’s vital that (schools) urgently review existing defences and take the necessary steps to protect your networks from cyberattacks”.
Back to basics
While it is essential that all educational establishments follow best practice when it comes to software upgrades and patching, backups, password policies and security awareness training, it is clear that the traditional approach to cybersecurity isn’t working.
Simply building up layers of defence to keep the cyber criminals out is no guarantee and determined hackers will always find a way to get through. And once in, increasingly sophisticated attacks make it difficult to detect.
So, when it comes to stopping attacks in their tracks, it’s time to take a simple and robust approach. Rather than trying to spot malicious code or applications running on end point computers and systems, it’s a case of using ‘allow listing’ technology that stops anything unauthorised from running. It is a zero-tolerance or trust approach to both known and unknown threats. If someone at home, in the classroom or in the office clicks on a malicious link or opens a rogue document that tries to install malware, it will stop it from running and raise an alert. It’s like the teacher at the school gate; if you are not on the register, then you can’t come in.
Protecting the data
The other approach is to focus on protecting the data rather than trying to prevent access to it, by using encryption. But all data needs to be protected all of the time – not only at rest but also in transit and in use, both on-site and in the cloud. While full disk encryption technology will protect data when it is at rest on a hard disk or USB stick, (great if you lose your laptop), it is of no use in protecting data against unauthorised access or theft from a running system.
Even seemingly trivial information can be useful to a cybercriminal – so it’s no good encrypting only the ‘most important’ or ‘sensitive’ data. With advances in technology and fast processing speeds, seamless data encryption can now be used to protect all data, all of the time. It’s a case of beating the ransomware criminals at their own game. You can’t demand a ransom for garbage.
It’s time that schools, colleges and universities go back to basics when it comes to cyber security. A combination of zero-tolerance and data-centric security will go a long way to protecting their data and reputations in the face of increasing attacks.
Find out more about SecureAge Technology here.