A high school student in Miami hacked into a teacher's computer to change his grade. In Montana, a district was shut down for three days after hackers sent parents and faculty threatening messages and demanded a bitcoin ransom. They were not alone: in 2018, at least three other states were involved in extortion-type hacks. Cybercrime in education is on the rise: is your school prepared? This post looks at the 9 actions that should be on every IT administrator's cybersecurity checklist to make sure their school isn’t the next one to be attacked.
Identify Your Vulnerabilities
The first mistake most schools make is believing that they are either safe from attacks or too small a school for anyone to want to attack them.
The Readiness and Emergency Management for Schools has prepared the following document that outlines specific threats that any school can face. Among them:
- Data Breach - Occurs when sensitive data (such as student records) is obtained with the intention of being posted in an unsecured environment.
- Denial of Service Attack - An attack meant to shut a network down by flooding it with traffic, which triggers it to crash.
- Spoofing, Phishing, and Spear Phishing - Happens when a person sends an email that attempts to make the recipient think it comes from someone else. The goal is to get the person to reveal sensitive information (credit cards, passwords, banking accounts, etc.).
- Malware, Scareware, and Ransomware - Malicious software that attacks your computers.
- Unpatched or Outdated Software Vulnerabilities - Patches and updates are meant to keep your software and hardware up-to-date; systems that go without them stay exposed.
- Removable Media - USB drives and other devices that can be plugged into hardware.
There will be actions for each of these attacks below.
Data Breach
The reason many schools are so vulnerable to this kind of attack is that they believe it’s something you can address one time and never come back to.
Ensuring that your data is protected is something you need to address and adjust regularly. Many schools haven’t updated their firewalls in years.
If your school isn’t using a Next-Generation Firewall, then it’s time to start researching how to fix this.
Schools should also restrict access to data and ensure that only employees who need the data for their jobs have access to it.
Simple human error contributes to many data breaches. This includes leaving computers in an area where there are no locks or safeguards--any person could quickly sit down at the computer while a staff member steps away for coffee or to use the restroom.
Denial of Service Attack
Schools don’t have the same influence as larger institutions; they aren’t as vulnerable to people wanting to crash their network as a form of protest.
Just because schools aren’t as vulnerable as businesses doesn’t mean they’re safe. There are several reasons someone might want to attempt an attack on your network:
- A disgruntled parent or student wants to get revenge.
- A student wants to get out of a test or school activity--think of it as the modern equivalent of pulling the fire alarm.
- Just because. Anyone who has worked in education long enough knows that students sometimes do things just to prove they can.
How do schools stop it?
The easiest way is to realize your school's resources are too limited to do it on your own. Instead of bringing in a security consultant, look to software that can provide you with the protection that you need at a reasonable rate.
Incapsula is one solution that is used by schools around the country to protect their network against attacks, but there are several others.
Spoofing, Phishing, and Spear Phishing
The first step in preventing this kind of attack is educating your users (see point below).
No matter how much time you spend educating staff, there will be people who are mistakenly fooled by a spoofed message. The following steps can ensure your school is more protected:
- Deploy a spam filter that detects things such as blank senders and viruses.
- Make sure your system has all the most current patches and updates (see point below).
- Implement two-factor authentication.
- Have a security policy that includes password expiration.
- Install an antivirus solution (see point below).
Malware, Scareware, and Ransomware
One of the most vulnerable targets of viruses is students. Students can be easily fooled into clicking on things or installing software that they think will do something else. This can be a big problem for schools.
There are dozens of antivirus solutions out there. What’s right for your school? The keyword there is school. Not all virus filters are created alike. Some are better for small networks (like homes) and would not adequately protect a school.
This article outlines the pros and cons of different solutions for your school.
Unpatched or Outdated Software Vulnerabilities
One of the most significant vulnerabilities for schools is an easy one to fix: update your software.
How many times have you seen an update notification and put it off? They come out so often it’s easy to ignore them and just wait for the next one. Don’t!
Patches and updates are typically released because vulnerabilities have been found in the software and the updates fix them.
Removable Media
One of the easiest ways to get a virus onto a computer is through removable media (such as USB drives or memory cards).
Installing antivirus software will help prevent this, but there is more you should be doing. Here are a few more tips:
- Remind staff to keep their business and personal life separate; personal USB drives that are used with home computers should not be used. Additionally, “found” media should never be used on a computer to see who it belongs to.
- Disable autorun / autoplay from all of your devices.
- Use removable devices that are encrypted; if the device is stolen, then it’s useless to anyone who finds it.
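One way to check and apply the autorun / autoplay item above, as an added example that is not part of the original post. It assumes Windows endpoints and an elevated PowerShell session; on a domain, the same policy values are normally deployed through Group Policy rather than per machine.

```powershell
# Audit (and optionally enforce) the AutoRun / AutoPlay policy values on one Windows machine.
# Without -Enforce the script only reports; with -Enforce it writes the expected values.
param([switch]$Enforce)

$settings = @(
    @{ Path  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Name  = 'NoDriveTypeAutoRun'
       Value = 255 }   # 0xFF: AutoRun disabled for every drive type
    @{ Path  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Name  = 'NoAutorun'
       Value = 1 }     # never execute commands from autorun.inf
    @{ Path  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer'
       Name  = 'NoAutoplayfornonVolume'
       Value = 1 }     # no AutoPlay for non-volume devices (phones, cameras)
)

$report = foreach ($s in $settings) {
    # A missing key or value yields $null, which counts as non-compliant.
    $item    = Get-ItemProperty -Path $s.Path -Name $s.Name -ErrorAction SilentlyContinue
    $current = if ($item) { $item.($s.Name) } else { $null }

    if ($Enforce -and $current -ne $s.Value) {
        if (-not (Test-Path $s.Path)) {
            New-Item -Path $s.Path -Force | Out-Null
        }
        New-ItemProperty -Path $s.Path -Name $s.Name -Value $s.Value `
            -PropertyType DWord -Force | Out-Null
        $current = $s.Value
    }

    [pscustomobject]@{
        Setting   = $s.Name
        Expected  = $s.Value
        Current   = $current
        Compliant = ($current -eq $s.Value)
    }
}

$report | Format-Table -AutoSize

# A non-zero exit code lets a management tool flag machines that still allow autorun.
if ($report.Compliant -contains $false) { exit 1 }
```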
Many of the worst attacks don’t come from hackers outside your school’s network. They come from within, from unsuspecting students who have been given privileges by teachers.
No teacher wants to believe their students are capable of malicious cyber attacks.
Teachers should follow the rules below:
- Never leave their computer unattended.
- Make sure the computer needs a password whenever it goes into standby or is restarted.
- No student, however innocent they seem, should be given unrestricted use of your computer.
Some schools have taken it a step further by requiring employees to log in with an extra form of authentication, such as the Titan Security Key.
It’s also important to educate staff about the kinds of attacks your school is vulnerable to, so they understand how someone might try to do damage.
More to Consider
In addition to the above actions, schools should think carefully about how they protect the hardware itself.
What happens in the case of natural disasters, accidental drops, and break-ins? How is your hardware protected from these threats? And what, if anything, do your warranties cover?