GCHQ Sounds the Alarm: How Schools Can Protect Themselves from Cyber Attacks
The education sector has been rife with cyber attacks in the last few years, as criminals take advantage of over stretched IT teams and undereducated teachers and faculty staff.
Last week, a report from the The National Cyber Security Centre (NCSC) and edtech charity LGfL further proved this point. The paper reported that a staggering 78% of UK schools experienced at least one type of cyber incident in 2022, with 7% reporting significant disruption.
This comes on the heels of a string of high-profile attacks on schools in both the UK and US. With hackers constantly improving their methods, it is crucial for schools to improve their cybersecurity defences and be better prepared to handle incoming attacks.
Schools at ‘particular risk’
As the NSCS warns, schools are prime targets for cybercriminals due to their handling of sensitive data on students, parents, governors, and staff. The organisation describes the education centre as being at “particular risk” of cyber attacks, which can result in financial losses and compromise the privacy and security of a large range of individuals and groups. The top three attacks used to target schools were phishing, spoofing, and malicious software, such as malware, viruses, and ransomware. Phishing, in particular, is a major threat to staff members that may have a lack of awareness as to how to gain access to systems, steal data or spread malware.
Despite this, the report offers some optimistic notes. School awareness of, and preparedness against cyber threats has increased since the last audit in 2019. 53% of schools reported feeling prepared for a cyberattack, compared to 49% in 2019. Awareness of phishing in schools has also increased from 69% in 2019 to 73% in 2022. Additionally, 55% of schools have implemented cybersecurity staff training for non-IT staff, compared to just over a third of schools three years ago.
Education, and monitoring the networks
More still needs to be done. With the reliance on technology in education, it’s crucial that schools have more robust cybersecurity measures in place. From online learning platforms to student information systems, technology plays a vital role in modern schools. To protect themselves from these threats, schools should first prioritise staff training and awareness efforts. This includes educating staff on how to spot and avoid phishing attempts, as well as providing training on security best practices.
However, with modern attacks so prevalent, there needs to be extra levels of defences available. With intruders knocking on the door at a near-constant rate, it’s a question of ‘when, not if’ that a bad actor breaches the network. Therefore, schools need a way to stop the hackers that have already got into the network from causing damage. When it comes to remediating threats, speed is of the essence. A few seconds can mean the difference between disaster or minor inconvenience.
Leverage cutting edge technology like Network Detection and Response (NDR) can assist schools with monitoring networks. NDR solutions use real-time data to monitor activity on the network and determine whether something is a problem or not. This type of tech has vital risk scoring capabilities that take into account the likelihood of an issue, how complex it is, and how many times this activity has happened to determine a score of low, medium, or high risk. This helps filter out false positives and allows security teams to focus on high-risk. Better yet, these technologies are fuelled by AI and Machine Learning, which mean they can operate with a level of independence that already overstretched IT teams will welcome.
No big secret, action is needed
In conclusion, the NSCS report simply adds another reputable voice to a well-known conversation. It’s no secret schools are at an acute risk from hackers, and must stay vigilant to protect themselves. While many schools may not have the same resources as large corporations to invest in the latest technology, they can still take steps to enhance their security.
One effective approach is to invest in staff education and training on cyber security best practices, as this can greatly reduce the risk of a successful breach. However, education alone is not enough. To ensure maximum protection, schools should also consider implementing an incident response plan that utilises cutting-edge technology such as Network Detection and Response (NDR) to constantly monitor networks and quickly detect and respond to any potential threats.
By Jamie Moles, Senior Technical Manager, at ExtraHop
Responses