As students and teachers settle into a new school year, the threat of cyberattacks looms large.
Just last year, 56% of K-12 education organizations and 64% of higher education organizations suffered ransomware attacks, according to Sophos’ State of Ransomware in Education 2022 study. There were 67 individual ransomware attacks on schools and colleges, per Comparitech data, while 954 separate schools and colleges—and almost one million students—were potentially impacted.
Schools lost more than four days—almost a full week of school—on average to downtime and spent nearly a month (30 days) recovering from the attack. Ultimately, ransomware attacks cost U.S. education institutions $3.56 billion in downtime alone in 2021.
Unfortunately, new year. Same problem.
Microsoft Security Intelligence reveals that from April 15 to May 15, 2022, over 80% of all cyberattacks targeted U.S. public schools. Most recently, hackers infiltrated Los Angeles USD, the country’s second-largest school district with over 600,000 students. This incident prompted a warning from the FBI, the Cybersecurity and Infrastructure Security Agency and the Multi-State Information Sharing and Analysis Center that “attacks may increase as the 2022/2023 school year begins and criminal ransomware groups perceive opportunities for successful attacks.”
School districts that have “limited cybersecurity capabilities and constrained resources” are, obviously, the most at risk. However, even those with vigorous security programs are still targets. Here are three precautions all schools can take to mitigate cyberattacks.
1. Secure your data with appropriate solutions
Sufficiently protecting student information from any sort of breach or exposure is priority number one. Managed detection and response (MDR) services are that first line of defense.
FETC 2023
The Future of Education Technology® Conference takes place live and in-person Jan. 23-26, 2023, in New Orleans. Register now!
MDR solutions allow you to detect intrusions when they happen, giving you ample time to remediate the situation before it’s too late. However, you must also be prepared to respond if the bad actor penetrates your environment. This is where a modern data protection solution comes into play.
With the right set of data protection technologies, you can make sure that bad actors can’t tamper with, encrypt or delete your data if they do manage to sneak into your environment.
2. Implement a modern backup solution
Despite all the checks and balances in your production environment, sometimes unforeseen things happen. So, you must be able to successfully recover data that’s been compromised.
Employ immutable, air-gapped backups with the right set of security measures—like multi-factor authentication and role-based access control—so you always have a clean copy of data to restore your business from. If bad actors target your backups, be sure you can do forensic analysis on that environment—using a clean room—to help identify your key recovery point. Once you’ve identified your most recent clean data, you can use those backups to restore your system.
More from DA: Hackers release confidential data after LAUSD refuses to pay ‘insulting’ ransom
Consider deploying regular cyber-recovery simulations as well. That way you can be certain your plans and procedures work accordingly.
3. Prepare your people
Don’t forget about the people. Provide staff, teachers, administrators and anyone who accesses computers on the network with user-based training for cyberattacks. Educate them on the latest threats, including what to look out for, what to avoid and how to respond if you accidentally click on a link you aren’t supposed to.
Schools should be on high alert
Schools are more prone to ransomware risk than ever before. This will only increase as reliance on technology grows, and more and more students and faculty continue to access the network remotely.
When combined with the fact that many school districts have substantial budgets, it’s easy to see why these institutions are ripe targets. But by taking the necessary precautions, educational institutions can ensure that students’ data is properly protected, and they can sufficiently recover after a successful cyberattack.
