The education sector is under attack.
It’s only a few weeks since term began and it’s already been reported that at least two schools in the UK have suffered cyber attacks, which have delayed their start dates and left their pupils’ education in limbo.
From Charles Darwin High School in London to Canvey Infant School in Essex, these schools have come face-to-face with the harsh realities of ransomware.
Their networks have been infiltrated by malicious actors, who have then encrypted their data and demanded a payment for it to be returned.
Ransomware attacks are rife today and cost UK organisations billions every year. The attacks bring organisations to a standstill: they can no longer access their critical data, which halts their operations.
The UK government has recently pledged to never pay the demands set out by ransomware criminals, seeing payments as fuelling the industry. This means it’s highly unlikely any schools will pay any of the ransoms set by adversaries, but this doesn’t make the education sector any less of a target.
Some criminals are purely motivated by destruction, knowing that even when schools don’t pay a demand, rebuilding their data from scratch is a massive job that also comes with a hefty price tag.
Understanding the threat to schools
A recent UK government breaches survey revealed that 71% of secondary schools have identified a security breach or attack in the last year.
This surge in attacks is largely due to a lack of budget to adequately defend school architecture and to the size of school environments, which often must facilitate access for hundreds of pupils.
While higher education institutions, like universities, will appoint Chief Information Security Officers (CISOs) to manage security, in most primary and secondary schools the IT team is given the job of securing the digital estate.
However, these teams are often small, under-resourced and under-skilled to deal with today’s sophisticated attacks, and security is only one part of their remit. This can add pressure to IT teams and can also result in them missing key alerts, which can then escalate into full-scale attacks.
Furthermore, because pupils need to access school networks, it’s difficult to implement tools like Multi-Factor Authentication (MFA). MFA is a security solution which limits a criminal’s ability to compromise systems via a single password, as users must also authenticate themselves via a second device, such as a mobile phone. But within school settings, not all pupils have mobiles, which makes the feature difficult to adopt. This also means a single compromised password can provide criminals with full access to school networks, significantly heightening risks.
Schools will hold vast amounts of confidential information on pupils, which can seriously impact their safety and privacy when it falls into the hands of malicious adversaries.
Furthermore, there have also been cases in private schools, like the recent attack against Fettes College, where criminals obtained sensitive data relating to high-profile parents and used it to con them out of money. This damaged the school’s reputation and angered parents who wanted to understand why more wasn’t done to protect their data.
Given these risks, and the fact that attacks targeting schools are at an all-time high, how can schools better protect their environments?
Bolstering cyber resilience in the education sector
Cyber crime is no longer a minor technical issue that impacts computers and software; today its ramifications are far-reaching and have very personal and physical consequences.
As a result, weaving it into the responsibility of the IT team is no longer viable.
It needs to be viewed as a credible and likely threat that is continually tracked and defended against. However, given that very few schools have the resources to do this internally, partnering with a security service provider is the clear solution.
The best way to boost cyber security within the education sector is to work with Managed Security Service Providers (MSSPs) who are experts in cyber defence.
These partners can alleviate the burden cyber places on internal teams, while offering expertise and 24/7 protection. They can monitor the school digital estate for potential malicious activity, and ensure all systems, applications and assets are configured correctly to enhance security.
This is far more cost-effective than employing multiple full-time members of staff to run security internally. Because MSSPs defend the architecture of multiple organisations, they have a much closer understanding of threat trends and attack techniques, which means they can more easily identify threats, even when they are novel and sophisticated.
UK schools are currently experiencing a significant increase in cyber attacks, which are putting pupils at risk. Education is being delayed and sensitive data is now frequently making its way into the hands of dangerous cyber criminals.
To tackle this issue effectively, schools need to rethink how they manage the security of their infrastructure.
The most effective way to do this is through partnerships, where schools rely on the expertise of security service providers to bolster cyber resilience.
Not only does this cut costs, but it also makes it much harder for criminals to compromise their infrastructure and cause damage to both school data and pupils.