Protecting your schools as cyberattacks rise

Think cybersecurity won’t or can’t impact you?

Well, you would be wrong.

The number of cyberattacks only continue to grow. Virtually every business you can think of has been hit–cybercriminals have targeted the pipelines we rely on for oil and gas; the hospitals we turn to in times of need, even the social media companies where we connect.

Nowhere is this more true than in our schools.

Just this past September, the Los Angeles Unified School District (LAUSD), the second largest in the country, announced it was the victim of a ransomware attack, with cybercriminals infecting the district’s computer networks, locking up files, and stealing data. In early October, the attackers followed through on their threat to release the stolen data if a ransom was not paid.

LAUSD is far from the only district impacted. One cybersecurity firm reported that this was the 50^th attack on US schools this year. Ransomware attacks are particularly common cyberattacks in school districts because schools are chronically underfunded and understaffed to respond to cyber events. Ransomware is designed to encrypt all systems and devices, ultimately forcing some services to shut down. The cost of paying the ransom may be cheaper than getting the system up and running again, so the payoff to criminals is almost certain, and the likelihood that attacks will continue is almost guaranteed.

This begs the question: what should school districts be doing to protect themselves?

It comes down to three steps: Protection, Detection, and Response:

Protection

The vast majority of breaches are crimes of opportunity, so closing defensive gaps and having the right solutions such as Multi-Factor Authentication (MFA), Email Security, and Endpoint Management solutions in place is the best first step. More importantly, keep all the technology you already use current. Vendors will keep their solutions updated to respond as cybercriminals change their infiltration methods and become more sophisticated in their attacks. School districts should continuously invest to keep technology current. Delaying refreshes could leave them vulnerable.

They should also focus on services that are most critical. If there is an attack, which of these services needs to stay up and running? Consider bus scheduling, online or on-premise learning systems and payroll. Make sure these services and any systems that house personally identifiable information are protected with access controls like MFA, and limiting administrative access only to a small, well-trained, few.

Lastly, and this will be a frequent theme, cybersecurity isn’t any one person’s job, and school districts certainly don’t have to navigate this minefield alone. They should invest in year-round cybersecurity training for everyone: staff, students, parents, administrators, and technology support staff. In fact, organizations with strong people, processes, and technology see a 3.5 times performance increase in their detection and response outcomes. To do this, they can partner with federal, state, and local governments to apply for funding to support cybersecurity efforts.

At the federal level, the Biden Administration signed the “K-12 Cybersecurity Act” last year. This law requires the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) to team up with the Federal Bureau of Investigation (FBI) to investigate all attacks in K-12 schools. The bill also requires these agencies to produce comprehensive cybersecurity toolkits in an effort to help educate school IT professionals, teachers, faculty, and students.

Detection

If an attack does break through protections, it should be detected and identified. Again, this doesn’t have to be done alone. The Center for Internet Security Multi-State Information Sharing and Analysis Center is a great resource to receive real-time threat information. Data indicates that teams who use threat intelligence are twice as likely to report strong detection and response capabilities. After all, it is a lot easier to detect a threat if you know what you’re looking for. Teams also need security that is integrated throughout a school’s connected systems. You can’t respond to threats you can’t detect, so a good place to start is a strong extended detection and response (EDR) solution that enables teams to monitor and identify potential issues.

Response

School systems practice drills for physical campus threats, severe weather threats, and potential fire dangers. They should also be practicing for cyber incident responses using Incident Response playbooks. Strong data backup strategies can help minimize downtime from things like ransomware attacks, while having mobile device management (MDM) capabilities can enable schools to quarantine or completely wipe compromised devices.

A third time – just for good measure – school districts aren’t in this alone. Cyber insurers, the FBI, state response groups, and the private sector all have a role to play in supporting how school districts respond to cyber emergencies. The specific strategies employed will vary based on the capabilities and maturity of the school’s security program.

Creating a Plan

No industry is immune to the cybersecurity threats. Schools must protect student data and maintain critical services that serve a vulnerable population. Working with trusted security providers to create a plan that prevents, detects, and responds to cyberattacks is more important than ever.

Author
Recent Posts

eSchool Media Contributors

Helen Patton, Chief Information Security Officer, Security Business Group, Cisco

Helen Patton is the Chief Information Security Officer, Security Business Group at Cisco.

Latest posts by eSchool Media Contributors (see all)

3 strategies to streamline K-12 data management - September 25, 2023
Dear parents: 3 ways AI will show up in your child’s classroom this year - September 22, 2023
Technology is key to educating the next generation - September 21, 2023

How immersive technology can empower students (and teachers) to learn

Immersive, experiential technology is transforming how both students and teachers learn. Augmented and Virtual Reality (AR and VR) provide deeper engagement, opportunities for collaboration.

Digital Learning Tools

6 benefits of immersive learning with the metaverse

The metaverse is a tool that blends experiences typically associated with either the virtual or physical worlds. It can deliver greater immersive learning for students while also creating some new and exciting teaching opportunities. For educators, it is crucial to not only understand what the metaverse is and its uses within education but to also realize the benefits of immersive learning with the metaverse.

Sign up for our K-12 newsletter

Use tech to reassess assessment

Big Deals: Advanced offerings in curriculum and data analytics, parent communication, remote tutoring, and more

What keeps edtech leaders up at night?

Digital citizenship, digital literacy, and education

Will, skill, & thrill: How learner agency accelerates innovation

Technology’s key role in personalization and differentiation

Most Parents Think Teachers Are Fully Prepared to Deliver Science of Reading-Aligned Instruction; Educators Are Less Optimistic

Roylco Secures “Best STEM Building Toy” in Best Building Toys for Kids, According to Experts

Research-Based Digital Family Engagement Program Set to Expand Student Support

Discovery Education and Leading Corporate and Nonprofit Partners Launch First-of-Its-Kind Initiative Supporting Sustainability

BIOZONE’s High School Biology for Texas achieves Top Marks

Sign up for our K-12 newsletter

Login