Zero-day vulnerabilities are particularly dangerous because no known security patches are available, which grants attackers an open window to cause serious damage. Vulnerabilities were found within Apache Log4j, a popular tool within the Java programming language, which allowed attackers to gain access to VMware Horizon servers. Many private and public organizations rely on VMware’s services, and three weeks passed before a patch could be developed.
Perform routine checks and apply remediation measures immediately
Performing routine checks can help school administrators understand which areas of their organization are most vulnerable. Running simulated penetration tests of your network, where you intentionally try to break into your system using proven hacker methods, can bring to light hidden entry points that criminals would otherwise use. It’s helpful to continuously view your organization from a hacker’s perspective as it forces you to consider all possibilities during normal operations and when configuring assets or network-related parameters.
Automate this process and schedule routine pen-tests to ensure new vulnerabilities are found before they are exploited. It is difficult to argue against the benefits of pen-testing when universities discover data breaches during scheduled tests.
Have a contingency plan for when your systems are under attack
A school district or university administrator never wants to find their organization the victim of a data breach or ransomware attack, but it is becoming a likely scenario for which everyone has to plan. Cyber incidents cause severe financial, reputational, and data security damage, but that damage can be reduced by preparing for the worst.
A comprehensive contingency plan helps staff prepare for a scenario when critical services are disrupted and outlines procedures to help bring them back online as soon as possible. It’s also important to consider how online learning has multiplied the IT platforms necessary to deliver these remote services. Teachers and students need access to learning material from multiple devices, IT administrators need a framework to deploy software/applications, etc.
A contingency plan should consider the following:
- Identify and prioritize critical IT infrastructure to maintain minimum service delivery or prevent a total shutdown
- Design recovery methods, like system back-ups or alternative hosting sites, to restore offline systems
- Provide training and exercise opportunities for employees to prepare for network attacks
- Manage the plan to ensure it is up to date with the latest changes
Keep up to date with government advisories
The K-12 Cybersecurity Act tasked the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) with researching the effects of cyberattacks on K-12 schools. The act is not designed to enforce compliance with cybersecurity mandates but rather to look deeper into the security flaws in the US public education system and provide recommendations for future guidelines. Following the research, CISA has published multiple reports on K-12 School Security.