Educational institutions, unlike businesses, are not typically subjected to concentrated attack campaigns. However, their vulnerability stems from their comparatively weaker defenses. Cybersecurity experts warn that schools must not underestimate the potential for disruption posed by cyberattacks, especially at the onset of a new academic term.
The National Cyber Security Centre (NCSC) has issued a stern directive, urging schools to adopt "appropriate security measures" to counteract potential threats effectively. Although there is no specific indication of an imminent surge in threats as schools reopen, the consequences of an attack during this critical period could be particularly severe.
Don Smith, Vice President of the Counter-Threat Unit at cybersecurity firm Secureworks, emphasizes the need for vigilance during this period of transition. Smith highlights potential vulnerabilities, including the creation of accounts for new students and staff, as well as schools' stances on portable devices like laptops and tablets.
Smith explains, "Summer is a time when people use their devices for leisure activities, such as games. If you've allowed teachers and students to take devices home or bring their own, these devices may have picked up infections and malware that could infiltrate the school network and create problems."
One significant challenge facing schools is limited budgets and competing spending priorities. These constraints may leave educational institutions with inadequately fortified cybersecurity defenses. To address this issue, experts advocate for adopting "basic digital hygiene" practices, such as implementing two-factor authentication for school accounts and ensuring that computers and software remain up-to-date.
Furthermore, students and teachers should receive periodic reminders about staying safe online. This includes reinforcing the importance of strong passwords, avoiding suspicious downloads, and recognizing phishing attempts in emails. Smith underscores the evolving nature of cybersecurity responsibilities, stressing that all users should possess a fundamental understanding of cybersecurity principles.
A recent study revealed that one in seven 15-year-olds is at risk of falling victim to malware emails. Phishing emails, designed to appear legitimate, but deceive recipients into visiting malicious websites aimed at stealing their data. Among teenagers from disadvantaged backgrounds, this risk increases to one in five, especially for those with weaker cognitive skills. Experts stress that more comprehensive education is needed to help teenagers navigate an increasingly complex and dangerous online world.
The NCSC (National Cyber Security Centre), a division of GCHQ (Government Communications Headquarters), has previously sounded the alarm about the surge in ransomware attacks targeting the education sector. Ransomware attacks involve cybercriminals gaining access to a victim's network and deploying malicious software to block access to computer systems until a ransom is paid.
While ransomware attacks experienced a temporary dip to a four-year low in the first quarter of 2023, they have been steadily on the rise since then. SonicWall's Spencer Starkey highlights that schools are "powerhouses of data" and enticing targets for hackers pursuing financial and phishing scams.
As students return to the classroom and schools increasingly rely on internet-based tools for education, the imperative for schools to prioritize cybersecurity becomes evident. Spencer Starkey emphasizes that schools must allocate resources and adopt a cybersecurity mindset to protect both their data and the students they serve.
A spokesperson from the Department for Education reiterates that education providers bear the responsibility of comprehending cybersecurity risks and implementing appropriate measures, including data backups and incident response plans. The Department further assures that any reported cyberattacks are closely monitored, and regional support is readily available. Importantly, there is no evidence to suggest that cyberattacks of this nature are on the rise.
In conclusion, as a new academic year unfolds, schools must heed the warning bells of a growing cyberattack threat. By fortifying their cybersecurity defenses and imparting digital safety awareness, educational institutions can protect their students, staff, and critical data from the perils of the digital world.
101 Digital Frames is a full-service digital marketing and web design agency that helps businesses grow online. We offer a wide range of services, from website design and development to SEO, video editing, and graphics design. Our team of experts has the knowledge and experience to help your business achieve its online goals.