Don’t Be a Victim—Preventing Cyberattacks in Schools, Colleges, and Universities


Posted on by Apu Pavithran

Unexpected days off from school usually bring shouts of glee from students and moans from parents who must quickly arrange for childcare.

While these extra “vacation” days are no surprise during winter—so-called snow days—students typically plan to go to school every scheduled day in the fall and spring, whether they attend in person or remotely. Lately, however, students across the country have been getting more and more unscheduled days off—and it isn’t due to winter storms, rolling blackouts, or any other weather-related incident.

The cause of many unexpected school closings these days is cyberattacks.

The rise in cyberattacks on educational institutions

With 1,241 reported attacks between November 2020 and October 2021, the education sector ranked in the top 10 for industries being targeted with cyberattacks.

These attacks typically take the form of a data breach, ransomware, or a denial of service. In a data breach—what people often think of as the traditional “hack”—a cybercriminal infiltrates the school’s network, often via an unsecured device, and steals valuable data. A ransomware attack encrypts the school’s data and holds it “hostage” unless the school pays up. And in a denial-of-service (DOS) attack, the attacker floods the network with so many meaningless requests it is unable to function.

Over Labor Day weekend 2022, the country’s largest school district, the Los Angeles Unified School District (LAUSD), with more than 540,000 students and 70,000 employees, was the victim of a ransomware attack. LAUSD was one of 26 US school districts, along with 24 colleges and universities, that succumbed to reported ransomware attacks in the first nine months of 2022. With ever-tightening school budgets, schools need to take protection against this risk.

Due to the escalation of attacks, the US government, through the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA), has issued a warning that the education sector is vulnerable to cybersecurity risks.

Schools, colleges, and universities collect and maintain a lot of personal data, not only about their students and students’ parents but also their faculty. Compared to their counterparts in the corporate world that have enacted stricter cyber defenses, the defenses in the education sector are often relatively lax, making low-risk, high-reward targets.

Four actions a school can take to thwart a cyberattack

If you maintain any amount of personal data, you will inevitably and eventually become a target of a cyberattack. Although schools, colleges, and universities cannot prevent every single attack, they can reduce the likelihood an attack succeeds. Here are four actions that will help secure a school’s network.

  1. Protect endpoints. The increase in remote learning has led to a vastly large number of endpoints. Schools must take proactive steps to equip all devices on their networks with restrictions and security configurations while enabling firewalls and antivirus software. Using a UEM solution, for example, can help systems detect the presence of rogue users on a device, alert admins, and take appropriate measures to stop hackers from connecting to your network. Admins can additionally use VPNs to provide another layer of security.
  2. Enforce data security. End users need to use strong passwords that are hard for other people to guess. This should be taught to students as a basic life skill, similar to other security measures students learn. Schools should audit and classify their data, encrypt sensitive data, and separate personal data from the data used for learning purposes.
  3. Manage access controls. Schools should have a database of all identities on the network and control access privileges to sensitive data. They should also adopt multi-factor authentication protocols and use single-sign-on technology to streamline the authentication process.
  4. Secure apps and resources. Schools can limit the apps and resources that can be installed on their learning devices. This can be done through a centralized app repository that contains only school-approved apps. They can also block the installation of unapproved apps through blocklists and allowlists.
While taking these steps won’t eliminate bad actors that attempt to infiltrate your network with a cyberattack, it will reduce the chance that the attack will succeed. Sure, there might still be unexpected “snow vacation” days off to enjoy, but days off due to cyberattacks may become much less threatening to everyone.

Contributors
Apu Pavithran

CEO & Founder, Hexnode

Human Element

security awareness critical infrastructure access control endpoint detection visibility & response data security application security cyberattacks network security

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community