Why is education becoming more attractive to cybercriminals?
Educational institutions in the United States face growing threats from cybercrime. According to annual reports, the number of attacks on schools is constantly increasing. These attacks include ransomware, phishing, and DDoS.
Federal and regional support aimed at updating equipment and ensuring security helps to combat this trend. However, the risks remain high, as leakage of student data, damage to the reputation of institutions and disruption of the educational process can have very serious consequences.
American schools are easy prey for cybercriminals. According to the US Cybersecurity and Infrastructure Security Agency (CISA), schools are the most vulnerable type of organizations that may be of interest to ransomware.
The use of outdated IT systems, a lack of budget and qualified information security specialists, as well as a huge number of devices connected to school networks create ideal conditions for attacks.
The COVID-19 pandemic has only increased the potential risks for the education sector. Schools were moving so quickly to distance learning that they didn't have enough time to build truly secure systems. As a result, vulnerability to cyber attacks has also increased.
In addition, most IT administrators in schools do not have complete information about the number of devices and servers, their status, and security weaknesses. This creates an increased threat, as just one unprotected device can already become an entry point for an attack. Even video surveillance systems are dangerous if the infrastructure is not properly protected.
For protection, you need to improve the visibility of endpoints in the network, which can be done, for example, using endpoint management solutions. They allow you to get a complete picture of the number of devices and their status.
For example, the Barnaby School District in Canada recently discovered 2,000 more devices in its networks than it expected. The unexpected discovery allowed specialists to increase their awareness and configure systems more securely.
Higher education institutions also face extortion threats and cyberattacks sponsored by unfriendly States. These threats exploit complex multi-step tactics and security vulnerabilities. Unlike in the corporate sector, security at universities is often fragmented, which makes protection more difficult.
Educational institutions should be able to identify and address vulnerabilities and respond quickly to incidents. An incident response plan should include detecting threats, notifying insurers and authorities, collecting evidence, dealing with consequences, and recovering.
Thus, the education sector requires increased readiness for cyber threats, especially during the summer holidays, since in addition to schoolchildren and students, IT personnel are often not at their workplaces that are able to take at least some protective actions in the event of a cyber attack.
It is worth remembering that only a combined effort to prevent and respond to incidents will help protect schools and universities from new cases of extortion and phishing.
Educational institutions in the United States face growing threats from cybercrime. According to annual reports, the number of attacks on schools is constantly increasing. These attacks include ransomware, phishing, and DDoS.
Federal and regional support aimed at updating equipment and ensuring security helps to combat this trend. However, the risks remain high, as leakage of student data, damage to the reputation of institutions and disruption of the educational process can have very serious consequences.
American schools are easy prey for cybercriminals. According to the US Cybersecurity and Infrastructure Security Agency (CISA), schools are the most vulnerable type of organizations that may be of interest to ransomware.
The use of outdated IT systems, a lack of budget and qualified information security specialists, as well as a huge number of devices connected to school networks create ideal conditions for attacks.
The COVID-19 pandemic has only increased the potential risks for the education sector. Schools were moving so quickly to distance learning that they didn't have enough time to build truly secure systems. As a result, vulnerability to cyber attacks has also increased.
In addition, most IT administrators in schools do not have complete information about the number of devices and servers, their status, and security weaknesses. This creates an increased threat, as just one unprotected device can already become an entry point for an attack. Even video surveillance systems are dangerous if the infrastructure is not properly protected.
For protection, you need to improve the visibility of endpoints in the network, which can be done, for example, using endpoint management solutions. They allow you to get a complete picture of the number of devices and their status.
For example, the Barnaby School District in Canada recently discovered 2,000 more devices in its networks than it expected. The unexpected discovery allowed specialists to increase their awareness and configure systems more securely.
Higher education institutions also face extortion threats and cyberattacks sponsored by unfriendly States. These threats exploit complex multi-step tactics and security vulnerabilities. Unlike in the corporate sector, security at universities is often fragmented, which makes protection more difficult.
Educational institutions should be able to identify and address vulnerabilities and respond quickly to incidents. An incident response plan should include detecting threats, notifying insurers and authorities, collecting evidence, dealing with consequences, and recovering.
Thus, the education sector requires increased readiness for cyber threats, especially during the summer holidays, since in addition to schoolchildren and students, IT personnel are often not at their workplaces that are able to take at least some protective actions in the event of a cyber attack.
It is worth remembering that only a combined effort to prevent and respond to incidents will help protect schools and universities from new cases of extortion and phishing.
