Cybersecurity in the Education Sector

According to a report* Education and research were the most targeted sectors in India, with an average of 1,605 weekly attacks, an increase of 75 percent from previous years. Data also shows that there has been a  20 per cent increase in cyber threats to the global education sector in the first three months of 2022 when compared to the corresponding period of 2021.

Some factors responsible for this phenomenon are  the adoption of remote learning during the Covid-19 pandemic, digitization of education and prevalence of online learning platforms that tend to become targets  to attacks.

Many may not know this but higher education has long been a target for cyberattacks due to research programs with potentially valuable data. These institutions are also often considered an easy target due to a large number of users and entry points on college campuses. But attacks are on the rise – and they are not relegated to higher education.

In May, a breach of education software provider Illuminate Education exposed data of over 1 million current and former students across New York State, and K-12 schools and school districts have increasingly become targets for attack in part because of the shift to remote learning. In fact, in 2021, the education industry saw a 152% spike in ransomware attacks and an average of 22% were targeted by malware attacks each month, according to recent data from SonicWall. 

Over the last two years, cybersecurity has come to the forefront for many industries, with governments and critical infrastructure operators taking new steps to secure their digital assets. As the education industry faces the same impacts of rising cybersecurity threats, educational institutions must take the following steps to invest in their security:

Adopt a security mindset

There are two security mindsets. One philosophy that has become popular over the past several years assumes bad actors will get in no matter what, using network monitoring to identify and mitigate threats. Another involves guarding the perimeter to prevent bad actors from gaining access in the first place. 

In this instance, both have their merits – guard the perimeter to make cybercriminals’ jobs more difficult and monitor the network in case those protections aren’t enough. This is especially important for education institutions given the vast number of devices on their networks.

*Report – “Cyber Threats Targeting the Global Education Sector"

Guard the perimeter

One of the most effective ways to guard the perimeter is to adopt a Zero Trust framework – requiring continuous authentication and validation of all users before allowing access to data and applications. This can be daunting for an educational institution with many users and small IT teams - but it’s essential to ensure data remains secure and in the right hands. 

Additionally, ensure to arm users with the right tools and knowledge to protect themselves. According to Verizon’s 2021 Data Breach Investigations Report, 85% of breaches involve a human element, so humans – the users – are an important first line of defense and a critical component of your cybersecurity strategy. One way to set users up for success is to implement stronger password policies and multi-factor authentication to add a layer of protection. This is particularly important since so many educational tools run off the cloud and can be accessed nearly anywhere with just a password.

It is also important to train users – including students, educators, and staff – to watch out for signs of cyberattack. One of the most common attacks they should be aware of is Business Email Compromise (BEC), a type of social engineering scam deployed to get users to hand over fraudulent payments, login credentials, and other sensitive information. According to the Internet Crime Complaint Center, BEC attacks are the costliest, with 19,369 reports and a total loss of $1.8 billion in 2020 alone. Training users to watch out for these and other common attacks will ensure they think twice before handing over the keys to the kingdom.

Secure and monitor networks & Wi-Fi

Wi-Fi powers learning for college campuses and K-12 schools alike, and it also serves as an easy gateway for malicious attacks. One way to improve Wi-Fi security is through a content filtering service that compares requested sites against databases to deny access to potentially harmful websites. 

But guarding networks requires more than Wi-Fi security. Implementing a network monitoring solution is crucial to identify security threats and performance issues and ensure all systems are operating properly and securely. Equally important is network segmentation – dividing networks into smaller parts – so that cybercriminals can’t take down your entire network in the event of an attack.

Prepare an incident response and disaster recovery plan

With the uptick in cybercrime in educational institutions, it is only a matter of time before your school becomes a target. This makes incident response and disaster recovery planning crucial for education providers. One of the most important steps to prepare for a breach is backing up critical data. This ensures that the mission-critical data is available even in the event of a breach - without paying a costly ransom. A proper plan should also inform educators and other users of what to do and who to go to in the event of a suspected cybersecurity incident so that IT and security teams can respond quickly and minimize damage. If 2021 was any indication, the threats facing the education industry aren’t slowing down any time soon, with never-before-seen malware and other threats continuing to rise. But if education providers prepare, they can greatly improve their chances against cyber criminals. 

The author is Regional Sales APJ at SonicWall Inc.