Schools are under a significant assault from cyber criminals. And the consequences of even one successful breach can haunt schools and students for years.
In 2020, for example, Baltimore County Public Schools (BCPS) realized they were under a cyber attack from hackers that had been in its systems for around two weeks, according to Route Fifty. As reported by the Maryland Office of the Inspector General for Education, the attack was due to third-party operator error.
After a staff member received an suspicious Excel spreadsheet in an email, that person was unable to access it and forwarded it to a contractor who could. One of the contractors accidentally opened the email with the attachment using their unsecured BCPS email domain account, instead of their secured email domain, and that was the catalyst which opened the network up to malware.
The BCPS fallout included lost days of schools, roughly a year to fully restore the networks, and in total over $9.6 million to fully recover, which included network upgrades and migrations to a new platform.
The incident with BCPS isn’t rare. In September 2022, the Los Angeles Unified School District (LAUSD, one of the largest school districts in the United States) fell victim to a successful cyber attack. And even quick research will show waves of cyberattacks befalling schools.
As schools become more reliant on technology for remote learning and administrative functions, they are also prime targets for cybercriminals seeking to exploit vulnerabilities and disrupt operations.
But the consequences extend far beyond the cost to a school or even a district. Students are also shouldering some of the burden from a cyberattack, the ramification of which could follow them for years.
Identity theft can have a lasting effect on students. But why are ransomware attacks, phishing, and malicious software so focused on student profiles?
For one thing, younger people are easier to target. While adult employees are more familiar with cyber risk and hopefully receive regular training on how to take the appropriate security measures to prevent cyber threats, kids might not notice right away when someone is trying to steal data.
On the other hand, though, kids’ information can be equally if not even more valuable to attackers.
The motives behind hacking student data range from financial gain to espionage and sabotage.
Student data can, for instance, be valuable on the dark web, where it can be sold to identity thieves or used in various fraudulent activities. Some information, such as Social Security numbers and birthdates, can also be used to steal identities, apply for loans or credit cards, or commit other forms of fraud.
And, since kids aren’t regularly tracking their credit, criminals can apply for loans and generate huge amounts of debt in a minor’s name before anyone learns about it.
Cybercriminals may seek to disrupt school operations by deleting or altering student records, too, causing chaos and reputational damage to educational institutions. Or they may encrypt student data and demand a ransom for its release, disrupting school operations and extorting money from educational institutions—for political, economic, or any other purpose.
We tend to think of student data as exam grades. However, there’s so much more sensitive information contained in these records. For example, a kid’s birth date, allergies, social security number, history of drug use, or even home income.
The impact of falling victim to a cyber attack is two-fold.
In terms of the personal consequences of cyber attack campaigns are identity theft, emotional distress, and stigmatization, among others:
In a way, cyber criminals preying on student data and exploiting the private information of minors could accurately be labeled child abusers, because that’s exactly what they’re doing.
One step beyond students are the impacts to the school and district. For example:
Recovering from social engineering attacks can be a long and emotionally complex process. Many families actually feel overwhelmed just considering the idea that someone could gain unauthorized access to their kids’ data. So, cybersecurity management is paramount for schools to prevent the possibility of such attacks.
There’s little doubt that preventing cyber-attacks in schools is crucial for safeguarding sensitive student data and maintaining the trust of students, parents, and staff. The question is: How can these organizations ensure uninterrupted learning?
The first measure should be to provide regular cybersecurity awareness training to students, teachers, and administrative staff. For example, teaching them how to recognize phishing emails, avoid clicking on suspicious links, and report any unusual activity promptly.
Enforcing the use of complex passwords and multi-factor authentication (MFA) for accessing school accounts is also essential. For instance, schools should encourage users to regularly update their passwords, avoid using the same password across multiple accounts, and monitor virtual private network and general network traffic and user activity for signs of unauthorized access, malware infections, or unusual behavior.
And, of course, it’s also vital to implement robust (yet affordable) network security measures, including firewalls, intrusion detection systems, and antivirus software, and secure all laptops, desktops, tablets, and other endpoint devices used by students and staff.
Coro offers an all-in-one, comprehensive cybersecurity platform to help schools enhance their security posture and protect against cyber attacks.
We offer robust email security solutions that include advanced filtering and detection capabilities to block phishing emails, malware attachments, and malicious links. Our endpoint solutions can also protect your school’s laptops, desktops, and mobile devices and secure your network infrastructure with firewalls, intrusion detection systems, and network segmentation.
What’s more, we can assist your organization in developing incident response plans to effectively respond to cyber security incidents, including procedures for detecting, containing, and mitigating cyber threats.
To learn more about these and other capabilities of Coro, check out our platform.
*** This is a Security Bloggers Network syndicated blog from Blog – Coro Cybersecurity authored by Kevin Smith. Read the original post at: https://www.coro.net/blog/the-consequences-of-a-school-cyberattack