Cybercriminals Make Schools Top Target for Ransomware Attacks
In 2020, “remote learning” became a household term, and a new digital education landscape was born. Students, educators, families, and educational institutions moved every aspect of the school and student experience online. And the ensuing chaos of change created openings for cybercriminals. While education has been fending off cyberattacks for years, hackers have ramped up serious attacks on digital education systems, employees, and families with the new normal in education.
School Ransomware Attacks on the Rise
Though many education systems were hoping to return to some degree of normalcy this fall, a barrage of school ransomware attacks is worsening damage caused by the COVID-19 pandemic.
Cybercriminals have discovered that schools have fewer cyber defenses than private businesses and face vulnerabilities on many fronts. Between virtual and hybrid learning and faculty and staff that connect to school systems with personal devices, Pandora’s box of new entry points is open to hackers.
According to a joint report by the FBI and other federal agencies, during the 2020–2021 school year: the K–12 education segment became not only the No. 1 target for ransomware, but it also made up the majority of all ransomware attacks.
In ransomware attacks on schools, a cyber attacker gains access to the computer systems – often through phishing emails or stolen credentials – and holds the vital infrastructure ransom. Attackers gain control and then demand money after disabling computer systems or encrypting critical data files. They may also threaten the release of sensitive personal data – often, the private student and family information schools try hard to protect.
In recent months, schools across the country have experienced a wave of ransomware attacks. Schools in Haverhill, MA, were forced to close in April of 2021 following a ransomware attack that rendered the entire system, including the remote learning platform, not operational.
In June 2020, The University of California San Francisco School of Medicine was the victim of a ransomware attack that resulted in the university paying a more than $1 million ransom. University officials said the encrypted data was important to academic work in the interest of the public good. The university paid the ransom in exchange for a tool to unlock the encrypted data and return other data the cyber attackers had obtained.
Seven Cybersecurity Tips for Education Organizations
The continually evolving and growing cyber threats facing school systems present significant information security challenges. When it comes to cybersecurity, there is no silver bullet strategy. Instead, school systems can build a layered approach that significantly strengthens their security defenses across the many potential entry points for attacks.
To protect themselves from ransomware attacks, education organizations should focus on the following:
- Awareness and training. Provide education system employees with training about the most current attack methods being deployed against schools by cybercriminals. Additionally, inform students and families about how the school will communicate with them to help them avoid being victimized by fraudulent (and potentially very convincing) emails or texts.
- Watch for social engineering. Phishing (and vishing and smishing) and other innocuous-looking (but malicious) communications are still used very effectively by cybercriminals to gain access to school systems. Ensure employees and students know how to spot them, and set up a way to report and track them. The cost of phishing attacks is reaching new highs, with nearly $10 million stolen from a single school district in 2020.
- Timely tech updates. When new updates are released, patch operating systems, software, and firmware right away to implement vulnerability fixes identified by providers.
- Passwords, secure internet, and authentication. Implement policies that ensure everyone who logs into the school system uses a strong and unique password and connects from a secure, private, password-protected network. Conduct audits that verify any new users are, in fact, legitimate accounts. Password hygiene for remote employees and students is particularly important.
- Secure back-ups. Schools should keep system files and programs securely and regularly backed up. If something were to happen to system data, the school would be able to restore what was lost and mitigate any potential losses.
- Secure potentially vulnerable entry points. If you have employees connecting to your school system with personal devices, consider implementing mobile defenses that monitor devices and alert individuals if their device has been compromised. Having the infrastructure in place also provides IT departments a single-source view of mobile threats from devices connected to the school network.
- Cyber insurance. In the current cyber threat environment, the protection offered by cyber insurance is growing in value. A cyber policy can assist with data restoration, ransomware demands, forensic investigation, and an expert helpline for those affected.
Discover Four More Cyberthreats Faced by Schools
School ransomware is a huge issue but just one of the big five cyber threats facing education. With the school experience moving more firmly online during the pandemic, cybercriminals have been attacking from many sides. Watch our 15-minute webinar Don’t Get Schooled: Pay Attention to These Top Five Cyber Threats. Students, parents, and school employees are invited to join Sontiq as we review the new cyber landscape in education and how to ensure digital safety and security for all.