Not to divulge my age, but back when I was in high school there were two computers that had internet access that learners could make use of.
It was a simpler time where we trusted that encyclopaedias contained up-to-date information and the news was a piece of paper that eventually became hamster cage dressing.
Fast forward to mid-April 2020 and I’d have been a fish out of water.
Zoom calls doubling up as classrooms, internet access being a requirement for learning and all the while cybercriminals lurking in the dark, just outside of your network.
As extreme as that last example might seem, it isn’t as if the goal might be different to crims targeting businesses.
“Data collected on students, staff and teachers may be highly personal or sensitive and could include student performance data, demographic characteristics, or responses to surveys. This data is attractive to a potential hacker because they understand the impact a data breach could have on an institution’s reputation, and so therefore see a better chance of obtaining a ransom for their crime,” explains senior director of product and strategy at Veeam, Rick Vanover.
For this reason, and basic cybersecurity hygiene, schools should be proactive in how they address cybersecurity.
Your school or hacker’s playground?
Schools should start by determining what sort of cyber risks might be encountered.
According to Vanover, remote desktop protocols (RDP), phishing and out-of-date software are some of the more popular vectors used by cybercriminals.
To address those issues, RDP should be locked down and protected. As regards phishing, this is a bit trickier because attackers are smart.
The Veeam director recommends making use of a training programmes such as KnowBe4 or GoPhish to educate school staff about phishing.
For out-of-date software, well that’s simple – update your software regularly. This might be easier said than done depending on your environment but given its a consideration that should absolutely be made.
However the most worrying tool in the cybercriminal’s toolkit is one that requires a bit more work.
“Uh oh, your data has been encrypted”
Ransomware is a pox on this world and for a school it could spell disaster.
One attacker can bring a school to its knees with ransomware as for many strains of the malware there is almost no way to decrypt your data aside from paying the ransom.
We say almost because if backups are done regularly and protected against malware, recovery can be a lot easier.
But as backups are your golden goose in the event of a ransomware attack, they should be guarded just as closely.
“Backup repositories are an essential storage resource when it comes to ransomware resiliency, so it is recommended that access to those within the organisation is not permitted. Insiders having the permissions to access this data could lead to potential leaks outside of the organisation, so it is recommended that these responsibilities are managed by a third party, where possible,” explains Vanover.
In addition to backups, Vanover urges schools to consider decision authority.
This means that in the event of an attack, a protocol is in place to deal with the attack. This means having a person who can make a call about taking a database offline or being the recovery process.
While it should go without saying, this protocol should make use of multiple contact people rather than one. A single point of failure can lead to even bigger problems.
“One of the hardest parts of recovering from a hack is decision authority. Make sure you have a clear protocol in place that establishes who will make the call to restore or to fail over your data in the event of a disaster. Within these business discussions, agree on a list of security, incident response and identity management contacts that you can call on if needed. When a breach happens, time is of the essence, so you will thank yourself for having prepared in advance,” Vanover adds.
As schools embrace the much lauded fourth industrial revolution, security is key.