In September last year, the UK government’s NCSC (National Cyber Security Centre), part of GCHQ, issued an alert to the academic sector following a series of online attacks against schools, colleges and universities. The attacks coincided with the return of pupils and students and prompted the NCSC to urge immediate steps to mitigate the risks, and deal with possible breaches.
Many of the incidents reported were ransomware attacks. These typically involve the encryption of data by cyber criminals, who then demand money in exchange for its recovery.
In a series of high-profile attacks, at least seven higher education institutions in the UK were hit in a global ransomware attack that targeted their US-based cloud computing provider. While no bank account, credit card or social security details of any individual were accessed, the hackers were allegedly able to steal names, gender, contact information, emails and addresses.
While schools, colleges and universities have been returning to on-site teaching, the COVID-19 pandemic has driven the move to remote learning and extended the traditional network perimeter to connect thousands of remote devices not under the control of the IT department. This has radically changed the threat landscape for education and presents new challenges for IT managers facing a radically different future of learning.
Education is a more challenging environment to protect than most businesses, largely because of the diverse user base and wide range of personal and unmanaged devices connecting to the network. These devices may also be shared with other family members, so if they are compromised, or already infected with malware and then reconnected into the school environment, that could lead to a cyber incident or potential breach.
Humans – both young and old - are often the weakest link and pose one of the biggest threats to security, whether through error, or for something more sinister. That’s why security awareness and education must be at the heart of any cyber security prevention policy - educating the educators, as well as their pupils and students.
Lesson one is learning about the risks of clicking on suspicious links. Many of us still cannot spot the nuance of clever phishing scams, so one of the best times to learn about phishing is when an error has just been made.
Defence in depth
When it comes to technology defences, a layered approach to cybersecurity is vital. While every network needs a strong network firewall, they also need a full arsenal of scanning engines to provide visibility, threat intelligence and protection against spyware and viruses, malicious apps, data leakage and unknown zero-day threats.
Then there is the problem of stolen or weak passwords. As we all struggle with remembering a multitude of long, complex and secure passwords, the use of multi-factor authentication (MFA) is compelling. MFA is simply a security system that requires more than one method of authentication to verify the user's identity for a login or other transaction such as a one-time-password sent to a mobile phone.
Utilising tools to prevent attempts to connect to malicious web sites through phishing attacks as well as preventing access to inappropriate content is also a key consideration.
Worries about Wi-Fi
As well as being a vital tool for study, we often don’t think twice about connecting to an unsecured Wi-Fi network to check emails and social media or do some online shopping. But it is all too easy for hackers to compromise Wi-Fi and even set up their own rogue hotspots that look genuine. That’s why schools, colleges and universities need to provide a Trusted Wireless Environment (TWE), that is fast, easy to manage and, most importantly, secure.
The bottom line is there is no silver bullet when it comes to defeating cybercrime – in our education institutions or anywhere else. The best way to combat the growing threat landscape is through education and by implementing a layered approach to security.