Schools, here’s how to stay cyber-safe in the age of remote learning

November 2, 2020

Cybersecurity has always been a stresspoint for schools, and the shift to long-term remote learning has only exacerbated the issue from a budget and vulnerability perspective.

Cybercriminals are taking notice of the seemingly endless vulnerabilities schools face. Take the explosive ransomware attack on the University of Utah from earlier this summer, or the malware attack on the Rialto school district in California, for example. Even with a rapidly increasing attack surface, schools aren’t exactly able to drain their already-limited funding on transforming their IT infrastructure in the midst of a global pandemic.

However, it is possible for schools to reduce risk by understanding where they are most vulnerable, taking the time to educate teachers, parents and students, and adopting certain tools and strategies to prevent targeted attacks on remote learning networks.

The most common risks schools face

Let’s dig into the crux of the issue: why are schools typically more vulnerable to cyber threats than other businesses or nonprofits?

For starters, schools traditionally have corporate-size IT networks, but only a portion of the budget, resources, and staff to secure them. They host massive amounts of sensitive user data, spanning from students, to teachers, to administrative personnel, and even parents. School networks are typically open and accessible, especially in this new all-remote environment, but this openness is what also makes them more vulnerable. There's a great deal of new technology being implemented to quickly deploy these remote learning networks. What's dangerous is that this could lead to new vulnerabilities unknowingly susceptible to cybercriminals.

The most common risks that schools face from a cybersecurity perspective include data breaches, ransomware, and social engineering fraud. Schools will likely face these attacks in the form of email compromise, leading to either a ransomware attack or funds transfer fraud.

These types of attacks can be debilitating for any organization. In our experience, few companies (regardless of industry) are prepared, and the losses can be catastrophic. A recent study of claims reported by our policyholders across industries ranged in size from $1,000 to well over $2,000,000, with ransomware or funds transfer fraud making up 68% of all the claims we saw in the first half of the year.

All this to say, the probability for loss is not in favor of schools right now. But there are ways to lessen the probability of attack.

Employee education

One of the weakest points in the security of any organization is the human factor. From falling for phishing attacks to accidentally downloading malware, human error is most often the root cause of data breaches and can be a huge issue for schools that haven’t implemented “Security 101” in the past. Now that everything is happening online for schools, the first step in preventing major loss from a cybersecurity breach is education itself.

Security awareness training is not intended to teach organizations to be cybersecurity experts. But instead, it teaches teachers, students, and parents to be aware of potential threats: whether it’s phishing scams, or even the “Zoom bombing” techniques that emerged in the US a couple of months ago.

If members of a school community can simply identify a suspicious email, they’re already ahead of the game when it comes to preventing a cyber incident. Not to mention, it puts them on the path to building a more security-aware culture and mindset.

Cyber strategies for success

Beyond security awareness training, there are additional tools and strategies that schools should leverage to stop cyber incidents in their tracks. Turning on multi-factor authentication (MFA) for all school services, including teacher and student email accounts and any other application where sensitive information is stored, can help to prevent phishing. Also, it’s never too early for students to begin learning how to incorporate this tool into their online lives outside of school.

With a new slew of data brought in by remote schooling, educational facilities should also regularly back up their systems and store backups in an “offsite” location. Offsite should mean a location that is not connected to a main network that makes it far more difficult for a criminal hacker to delete or encrypt backups.

The concept of school “cybersecurity” has been completely disrupted by remote learning protocols. While security incidents aren’t entirely preventable, schools need to have a deeper understanding of where initial vulnerability issues lie, where community training can help, and the tools that can prevent cybercrime to stay afloat this school year.

Jeremy Turner is Head of Threat Intelligence at Coalition. From management consulting for the F500 at a firm of retired CIA executives, to conducting incident response at the Pentagon, solving cyber risk is the source code that initializes daily for Jeremy.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.