This past school year was filled with several high-profile cybersecurity incidents, including a ransomware attack targeting the Los Angeles School District and a massive leak of sensitive files belonging to students and staff at Minneapolis Public Schools on the dark web. Needless to say, leaders should anticipate even more threats this upcoming school year, and preparation this summer break is crucial.
“Cybercriminals look to get maximum reward for the least amount of work, and schools that let their guard down during summer (and other) breaks hand this dangerous combination over to hackers,” says James Turgal, Optiv’s vice president of cyber risk, strategy and board relations.
Although schools aren’t currently in session, school applications and networks still pose a significant risk, especially if your IT teams aren’t regularly monitoring them for suspicious activity, he adds.
This summer, he recommends that district and IT leaders use these four preventative tactics to keep their networks protected:
- Automation: Use automated tools wherever possible. Automated monitoring and alert systems can keep an eye on your network, send alerts when something suspicious is happening, and sometimes even take basic actions to stop threats.
- Cloud-based security services: Cloud-based security services can provide round-the-clock protection without the need for a constantly staffed IT team. This might include services like managed firewalls, intrusion detection systems, and anti-malware.
- Update and patch management: Ensure all systems are up to date with patches and updates before leaving for the break. This can help to protect against known vulnerabilities. Consider using automated patch management tools, if available.
- VPN and secure remote access: If staff need to access systems remotely, make sure they are doing so in a secure way, such as through a VPN. This encrypts their connection, making it harder for hackers to intercept the data.
“Remember, the threat actors do not take a summer break,” he says. “Security is not a one-time event but a continuous and evolutionary process. Even if you have minimal staff over the summer, it is important to maintain good security practices.”
How to communicate to your district post-cyberattack
One of the greatest challenges leaders face in terms of cybersecurity involves the inevitable conversation you must have with parents and families whose students’ data may have been compromised in the event of a cyber threat. Turgal says your first step should be to conduct a post-incident analysis in order to adequately determine who and what has been impacted.
“Districts also need to provide transparent communications to their communities, including details on what happened, what data was exposed and how they are going to remediate the problem,” he explains. “They also need to provide recommended next steps for staff, parents and students.”
To that end, districts should consider offering staff and parents of children who have been impacted by a cyberattack a free one-year subscription to an identity theft solution. Furthermore, he advises leaders to provide victims with the following recommendations:
- Check credit, generate a credit report and consider a credit freeze.
- Monitor Social Security numbers.
- Change usernames and passwords.
- Set up multi-factor authentication on all devices.
- Check on bank accounts frequently.
- Watch out for suspicious charges or demands for loan payments.
- Do not reply to odd or unsolicited emails.
- Install anti-malware and firewall protection.
- Look out for:
  - Collection calls or notices for a debt incurred in their child’s name.
  - Mailings generally for someone over 18, such as pre-approved credit card offers, jury duty notices or parking tickets.
  - An insurance bill or explanation of benefits from a doctor listing medical treatments or services that did not take place.
  - A notice from the IRS that their child’s name and/or Social Security number is already listed on another tax return.
Ensuring a safe and protected 2023-24
In addition to bolstering your district’s security networks this summer, preparation for the upcoming school year should also already be in the works. Turgal cites recent research from the Consortium for School Networking, which revealed that two-thirds of districts do not have a full-time employee dedicated to network security.
“With cybercriminals increasingly targeting education organizations, this is an eye-opening statistic,” he says.
In summation, it all comes down to mastering basic security fundamentals, Turgal declares. Here are seven preventative solutions districts can start working on now to cultivate a safe and secure school environment for students and staff:
- Conduct ongoing training and awareness for employees and students.
- Enforce strong passwords (12 or more characters with a healthy mix of lowercase and uppercase letters, numbers and special symbols).
- Leverage multi-factor authentication.
- Use multi-layer security (including firewalls, anti-virus solutions and anti-malware software).
- Prioritize encryption.
- Back up your data.
- Implement access controls.