How cyber attackers get into a school
Schools today are increasingly targeted by cyber attackers who use sophisticated methods to breach networks and steal or manipulate sensitive data. A...
3 min read
Mark Orchison : May 19, 2023 9:45:23 AM
In today's digital age, schools are not only responsible for educating their students but also protecting them from cyber threats. With the increased use of technology in schools, the risk of a school being a victim of a cyber attack has also grown. For example, the Microsoft Cyber Global Threat tracker has, for the past twelve months, consistently reported that 80% of total malware encounters reported by their global install base of devices and systems are in education. This concerning statistic highlights the need for schools to take proactive steps to protect their IT systems and data. Protecting a school from cyber security threats does not necessarily require a large investment of financial resources. Rather, a school can take some basic steps to protect itself from cyber threats. In this article we explore steps a school can easily take to better protect itself from cyber threats.
A first step that a school can take to protect itself from cyber threats is to have an effective IT services policy in place. An IT services policy should clearly outline how IT systems are managed and updated, and include policies and processes for managing and securing the school's IT infrastructure. The policy binds the theoretical requirements of the IT department with practical outputs. For example, the IT policy should define the need for disaster recovery and business continuity documentation. With the tasks defined within the disaster recovery and business continuity plan needing to be tested on a frequent basis. The implementation of this plan is then scheduled within the overall school calendar, most likely to be undertaken over a weekend, the plan tested and its effectiveness reported. In relation to cyber, the plan should test for at least the recovery from all primary and secondary storage being encrypted and also the loss of single sign-on between the primary directory and all connected systems (a consequence of cyber attacks for cloud-first schools). Having a policy and plan which has been tested will provide you confidence that your school can recover if the worst was to occur.
A common approach for hackers is to compromise a single school user account or computer with a virus or malware, then navigate across the school systems to where there is a repository of data and systems (such as the school servers). In almost every school 9ine have supported post-cyber attack, the poor or lack of configuration of the school network is the number one factor for the cyber attack having been successful. By configuring your school network correctly (costs nothing except the time to allow your tech team to do so), you are significantly reducing the risk of allowing a cyber attacker to get to what they want. You are also increasing the time it takes for their attack to be successful and therefore making it more likely you will detect it. Schools should configure their network with Virtual Local Area Networks (VLANs), port-level authentication, and access control lists. VLANs enable schools to segment their network and limit the damage that a cyber attack can cause. Port-level authentication and access control lists are used to control access to the network and limit the devices that can connect to the network. 9ine’s professional development for tech teams, our Tech Academy and the Network Security Pack within our software provides IT teams with the support and tools to evaluate their network configuration and implement the necessary configuration settings.
Identifying weaknesses in how secure your school's IT systems and devices are is an important step that a school can take to protect itself from cyber threats. The most effective way to do this is through a Cyber Vulnerability Assessment. This process involves looking at all the systems and devices connected to the school network and identifying whether all security updates have been applied. It also involves looking at the security settings of system components. In identifying vulnerabilities, immediate action can be taken to remove the security risk and additionally, upskill your tech team so they know where there are security risks that need regular management.
Generally speaking, having cyber defences in place essentially means being effective at managing your IT operations. Investing in the professional development of your tech team is critical for your school to develop and maintain cyber defences against the evolving cyber landscape. Schools that choose not to invest in professional development of their tech teams are most likely to compound and increase their cyber risks.
Protecting a school from cyber security threats does not necessarily require a large investment of financial resources. By implementing basic security measures such as an effective IT services policy, network configuration, vulnerability scanning, and device decommissioning, schools can effectively protect themselves from cyber threats. Effective IT operations management is essential to ensuring the ongoing security of a school's IT infrastructure. By following these basic steps, schools can provide a safe and secure learning environment for their students. Invest in professional development for your tech team by subscribing to 9ine’s Tech Academy.
Schools today are increasingly targeted by cyber attackers who use sophisticated methods to breach networks and steal or manipulate sensitive data. A...
In this blog, we outline the most common cyber threats facing the education sector and explore key questions like who commits these crimes, what is...
2 min read
Social media has become an integral part of our lives, allowing us to connect with friends, family, and colleagues. It also, however, plays a role in...