Globally speaking, the education sector is underprepared for cyberattacks and phishing attempts—a one-two punch of threats that are only growing in complexity and scale, a new report suggests.
Over the last several years, K12 and higher education institutions have expanded cloud services, mobile devices and hybrid learning environments. As a result, they’re managing increasingly complex identity and access controls, an analysis from security awareness training provider KnowBe4 suggests.
Artificial intelligence also creates new challenges for IT leaders. Cybercriminals are now targeting both on-premises and cloud-based AI systems and data that have not been fully secured, according to the research.
Assessing the vulnerabilities
Large amounts of sensitive data make K12 schools a prime target for cyberattacks and the risks associated with a poor security network are vast. Let’s start with the emotional impact cyberattacks can have on school districts.
When a student’s personal information is exposed, it often triggers an emotional response from students. The consequences, including those students being harassed online, feel more severe than cases that involve adults.
Cyberattacks can also damage a district’s reputation. For instance, if students’ personal data were to be published on the dark web, the emotional impact would likely escalate even further.
“Cyber-attackers leverage this heightened risk, as they appreciate these institutions are more likely to pay a ransom to prevent data from being exposed,” the report reads.
Finally, an outdated IT system is one of the primary ways cybercriminals gain entry into school security networks. The research notes that in the United States particularly, students and staff are more likely to use personal devices for educational purposes.
“An attacker’s search for an open door is helped by the fact that with limited resources, and increasing demands for modernization, schools and universities often mix modern and legacy IT systems, which can leave highly sensitive personal information on outdated and exploitable systems,” according to the report.
More from DA: Academic recovery faltered. Here is how to reset
Phishing: What to look out for
Ransomware attacks are the most prominent form of cyberattacks in the education sector. The report points to Trustwave research that analyzed 352 ransomware claims against education institutions and noted the specific tools used by cybercriminals to gain entry.
Phishing stood out as the most common method for invading schools’ security networks. Rather than looking for vulnerabilities in schools’ software systems, criminals found it easier to target staff, students or others who have access.
More often than not, the “phisher” is looking to achieve one of three objectives:
- Credential theft, achieved by tricking the user into entering their login information.
- Malware insertion, which occurs when users click on or download attachments containing PowerShell scripts or JavaScript, or enable macros in a document.
- Other actions, including persuading the user to disclose confidential information or perform actions under false beliefs that they are applying for a job or engaging in school-related processes.
For more information, read the full report here.
