In early March, 15 schools in the United Kingdom reported they were made incapable of delivering online learning for students after a cyberattack forced the education trust to shut down all systems to investigate whether the cybercriminals accessed the central network infrastructure. The increased reliance on e-learning has made schools around the world an even bigger target of opportunity than before. If the technology is taken down, education can come to a complete halt. Add to this the wide prevalence of bring your own device programs for e-learning and the access from insecure home networks, and you have a perfect storm for the sector and a huge target for criminals.
The problem has become so severe that the NCSC recently issued an alert to the UK Education sector after seeing a spike in targeting the sector, underlining the fact that threat actors are going after the education industry specifically, as well as it being the target of opportunity.
Schools already have challenges giving enough resources to cyber security in both funding and staff. The NCSC guidance underlines the importance of doing the basics, but that further recommends a defense in depth strategy. This obviously comes with a financial cost. It really is unacceptable that threat actors are targeting children’s education, and that funds must be diverted from front line-learning activities into preventing criminal elements from plying their trade.
Educational institutions also typically hold massive quantities of personal data on students, alumni, and parents, as well as teachers. This presents a treasure trove for an attacker, as seen in the Blackbaud attack back in July 2020. This kind of data may be used for further phishing campaigns using the name of the educational institute and some valid data to lend credibility.
- K-12 staffing shortages threaten reading instruction–AI can help - October 5, 2022
- How schools can become air quality champions this year - October 5, 2022
- Using online modules to strengthen teacher leadership programs - October 4, 2022