With Thanksgiving break under wraps, school districts and higher education institutions have their final holiday to look forward to as 2022 comes to a close: Christmas break. Unfortunately, administrators must understand that while they’re on break, criminal actors simply aren’t.
The education sector is especially vulnerable to cyberattacks over the holidays—that’s the conclusion of a global survey of 1.203 cybersecurity professionals by Cybereason, a cybersecurity technology company.
Cybersecurity threats are already at the top of mind for education leaders across the country considering that the education sector is now the leading target for cyberattacks. But why is the holiday season such a dangerous time for school districts?
According to the survey, criminal actors make their move when organizations are most vulnerable: on weekends and holiday breaks. For example, the Los Angeles Unified School District, the second-largest school district in the country, was hit over Labor Day weekend.
“You don’t know what you don’t know, and you can’t protect what you can’t see,” said James Turgal, vice president of Optiv’s Cyber Risk, Strategy and Board Relations and former chief information officer for the FBI, in a previous interview with District Administration. And during times when administrators and IT professionals are away from their jobs, criminal actors see it as an opportunity to strike.
In 2021, the company found that most organizations were underprepared for cybersecurity threats during these times because they lacked contingency plans and proper staffing. As a result, attacks against them took longer to assess and resolve and cost them much more money.
Some 54% of survey respondents in the education sector said it took them longer to evaluate the scope of a cybersecurity attack when it happened over a holiday/weekend break, while 42% said it took more time to respond/stop the attack, and 42% said their business lost more money.
The scope of cybersecurity threats expands far beyond just the education sector, according to the report. Globally and across multiple sectors, 88% of survey respondents said they have missed out on celebrating and/or participating in holiday or weekend events as a result of a ransomware attack. Additionally, across sectors only 7% of organizations are 80-100% staffed over the holidays and weekends.
“It’s no wonder SOC teams operate so lean on holidays and weekends: security professionals are experiencing record levels of burnout compounded by a protracted global talent shortage and relentless adversaries,” the survey reads. “But there’s no reason organizations can’t have contingency and incident response plans in place to quickly mobilize their SOC teams, IR, teams, and partners when a holiday or weekend attack occurs.”