The recent spate of cyber attacks and data breaches have seen schools and universities grind to a halt, taking major systems offline and impacting classroom learning.
In March 2021, 15 secondary schools based in Nottingham were unable to access emails or their websites after a central trust that manages their systems was hit by a cyber attack. In another major incident, the DoppelPaymer crime gang claimed responsibility for a security incident that affected Newcastle University’s network and systems. Newcastle University reported "it will take several weeks" to address the issues.
The impact of a cyber attack on educational institutions goes beyond basic data theft and into major operational disruption and damage to brand and reputation. Therefore, now more than ever, it is vital that schools and university leaders understand the cyber risks they face and are adequately prepared to deal with a cyber incident.
What Makes the Education Sector Vulnerable to a Cyber Attack?
A data treasure chest for hackers and cyber criminals
Education institutions store and process huge volumes of sensitive student and staff data, scientific and research information, payment details, intellectual property, strategic partnerships, information on third parties ... the list goes on.
Many institutions are involved in valuable research or support highly sensitive government research contracts. In a world where knowledge exchange and academic freedom are core foundations, this huge 'data treasure chest' is a massive target for cyber criminals who plan to sell the information to a third party or use it as a bargaining tool and extort money.
Doing more with less
Many schools are struggling with a lack of budget and resources and are often forced to do more with less. Some of the security tools used in schools (and universities) are fairly dated and often not kept up to date. Cyber security doesn’t require investments in the best and most expensive tools. However, a lack of budget or a lower priority for security protection investments can lead to major vulnerabilities and impact a school’s ability to defend against cyber attacks and data breaches.
Melting point of devices and 'always on' connectivity
The sheer number of new students joining schools, colleges and universities, coupled with a melting pot of data assets and a relatively 'open' technology environment, introduces a plethora of cyber risks. The network is already seen as difficult for administrators to effectively secure due to ever-increasing numbers. Everything from printers to laboratory equipment is also becoming increasingly connected with the need to exchange data 24/7, 365 days. This leads to an increasing ‘attack surface’. Think of a house with a huge number of windows presenting opportunities for a burglar to break in.
The Education sector faces an evolving myriad of cyber threats ranging from simple Phishing attacks to DDOS attacks and malware.Phishing scams have also been prevalent in universities for a number of years. These take the form of an email or instant message designed to lure the user into clicking on a link or downloading an attachment in order to release personal credentials or sensitive research data.
During the start of the pandemic and subsequent shift to remote teaching, there was a huge uptake in Zoom. Cyber criminals took advantage of this by directing users to fake versions of the Zoom website, or sending them malicious executable files which appeared to be Zoom software.
Motives for recent cyber attacks in the Education sector range from basic data theft to financial gain and espionage. APT (advanced persistent threat) groups have also been known to target sensitive intellectual property for economic political espionage, while 'hacktivists' have defaced and disrupted websites as a method of protest or to call attention to a certain cause.
How Should the Education Sector Move Forward?
At a time where the global pandemic has already stretched academia resources beyond limits, university and school leaders must focus relentlessly on cyber security, especially as schools and universities start to move back to classroom environments.
The UK Department for Education (DfE) recently announced that it is working on a cyber security tool for schools. This self-assessment tool for schools will help identify areas of potential weakness and what steps can be taken to mitigate cyber risks. DfE is aiming to make it available for the next academic year.
Apart from implementing basic technical measures such as end-point protection, patching and application security, school and university leaders need to play an active role in cyber security programmes and must be able to ask the right questions, such as:
Do we have a named individual or group accountable for cyber security for our school/university?
Do we have cyber security included as a major risk on our latest risk register?
If we had a cyber attack, how soon would we know? Do we have effective monitoring systems in place to know when a breach has occurred?
How are we raising awareness of cyber threats amongst our staff and students? How are we measuring the effectiveness of this training?
Have we identified the high-value critical assets within our digital estate and how confident are we that they are secured appropriately?
Do we know who to contact if we become a victim of a cyber attack (e.g. ransomware)?
Do senior staff have a good understanding of the cyber security threats and their potential impact (e.g. social engineering, phishing etc).
How effective is our cyber incident response process and when was it last tested?
Do we have a disaster recovery and business continuity process and if so, when was it last tested?
Do we have cyber security insurance?
It is crucial that education institutions take the time to review their current cyber security posture and develop a holistic cyber strategy that spans people, process and technology.
Not sure how to get started? Book a demo of our software at a time that suits you.