Preventing the next cyber attack incident at your local school

Brian Horsburgh, UK Education Sales Director, Dell Technologies, highlights the growing cyber challenges faced by the education sector in the UK and explores what security and IT teams can do to prepare for and combat the threats.

Learning from home was not the only challenge schools faced during the pandemic. Over the last two years, schools and universities have witnessed an unprecedented level of ransomware attacks as incidents continue to impact the education sector. Despite the return to classrooms, the cyber security threat prevails.

Data from the National Crime Agency’s National Cyber Crime Unit (NCCU) shows a 107% increase in reports from the police cyber prevent network of students as young as nine deploying DDoS (distributed denial of service) attacks from 2019 to 2020.

A robust cyber security foundation is essential for schools of all sizes to plan for and prevent the possibility of these incidents. All schools should have the support needed to be able to deliver this. IT leaders must continue working with administrators, students, teachers and parents to stop security breaches and prevent future attacks. In addition, there is a role for local councils and industry to help schools tackle the increasing cyber threat.

Assess and plan

To increase access to technology while avoiding being compromised, primary, secondary school and further education must each have the support and resources necessary to adopt cyber security best practices. The first step involves identifying someone with the required skills and capacity and executing a thorough security risk assessment to identify gaps and weaknesses across networks and infrastructure.

These assessments also measure cyber preparedness and the ability of each institution to identify, protect, detect, respond and recover from ransomware or other cyberattacks and vulnerabilities.

Once there is an established baseline, the school’s management team should develop a comprehensive plan to gain continuous visibility across endpoints and networks. Securing a school’s endpoints from malware and phishing attacks is critical to establishing a greater security perimeter for student and faculty workstations, laptops, tablets, and other devices that may be compromised.

Tools

Secondly, adopting the right tools is essential to manage risk to systems, assets, data and capabilities. Due to the increase in cyber-attacks in the education sector, National Cyber Security Centre experts have rolled out free cyber defence tools to schools to help them protect their emails and websites from online attackers.

UK schools can sign up for the NCSC’s Web Check and Mail Check, which provides services to protect their websites and email servers from cyber attacks. Dell Technologies also provides a free Cyber Resilience assessment to help organisations better understand their cyber risks and vulnerabilities and provide actionable recommendations.

Access to free tools and advice is vital for the UK’s schools. Over the last year, we’ve witnessed increased attacks that have affected schools across the country. These negatively impact the schools in various ways, from missing financial records, student coursework getting lost, and some institutions having to disable the entire email system.

Collaboration with the physical security department

While education leaders should focus on cyber security, they should not ignore the importance of bolstering their physical security department.

Securing premises and devices from physical attacks can be as challenging as defending against cyber threats. One protects the other, as weak physical security can compromise a school’s online assets, so both elements must be addressed simultaneously. For example, physical security components connected to the internet, such as RFID key card door locks, smartphones, and video surveillance cameras, are common targets for hackers.

A robust physical security department can also help protect IT departments which hold sensitive data. While firewalls can keep attackers out of a school’s system, they won’t be effective if the attacker can remove important IT assets from the premises. If an attacker gains access, they can either steal or damage equipment such as servers or upload malware to systems.

While traditionally, IT and physical security departments worked in silos – it’s now more important than ever that they collaborate to create a holistic security system for schools. Physical security has become more sophisticated and incorporates technology such as artificial intelligence (AI) and the internet of things (IoT). Strong cyber security must be in place to protect both areas. A lack of communication and a disjointed approach can leave attack surfaces open to hackers.

Strike the balance

Finding the balance between access and security is a constant struggle. We know increasing access to technology is essential to the learning process; however, IT often feels the pain of pushing for increased security. Teachers and administrators desire to provide easier and greater access to learning tools, but the challenge is finding a solution that doesn’t put students’ safety at risk. We must seek technologies that push the access models for our young people while keeping a cyber-safe approach.

One example of striking that balance is carefully considering tools for communication. Applications that enable communication and collaboration have the potential to make personally identifiable information (PII) public to the world. Some schools block these tools, while others see them as essential for collaboration.

Rather than determine if restricting these apps is the best option, find technologies that allow for collaboration while limiting the leakage of PII. When we see the opposing forces that make striking that balance difficult, we can identify solutions that can continue to push the access we seek.

Monitoring and protecting

Once a school establishes the foundations of a plan, there must be constant upkeep. School leaders must focus on holistic data protection and threat management solutions, especially for IT and security teams suffering from depleted resources and budgets. Ensuring networkers are constantly monitored and protected from the classroom to the data centre to the cloud should remain a top priority.

Deploying servers with built-in cyber security controls and a protected supply chain ensures a robust and layered security approach. Endpoint protection solutions help detect, investigate and respond to advanced threats across endpoints, network, and cloud environments. These intelligent and automated tools help effectively identify authorised users and nefarious threats from outside school networks.

This is particularly true as schools adopt cloud solutions and a multi-cloud environment. Intelligent software-defined solutions that detect unusual patterns, send alerts, and protect data while ensuring compliance and restoration activities, will better defend critical data in the care of security teams.

By deploying solutions such as a physically isolated data vault with immutability for critical applications and data, schools can significantly lessen the impact of cyberattacks and resume operations rapidly should a security incident occur.

Best practices

Part of any comprehensive security transformation also requires education and awareness. It is crucial to build a culture of security awareness for every stakeholder in the education process, from IT staff, educators and administrators to students and parents. This strategy should include a regular cadence of training around maintaining good cyber and technology hygiene.

The threat landscape for education security leaders continues to grow, especially as new learning models—including hybrid, blended and remote situations—arise. Focusing on planning and finding new security solutions will limit classroom disruptions and boost learning outcomes.

By adopting these best practices, schools can provide the right balance of access and protection while facilitating student-centred learning.

To make an obvious point, the education system is what prepares young people for the future – providing skills for the job market as well as life. Cyber security and providing a safe and secure environment is crucial. Local councils, industry and schools must work together to achieve this. That includes ensuring that schools are supported to have the skills and funding needed to put in place necessary cyber security services.