Cyber-criminals are opportunistic: if they see an easy target ripe with sensitive data, they are going to take advantage. There are several key factors that combine to make schools easy and profitable targets.
The first is that most institutions belonging to the education sector struggle with funding; the majority of budget is deferred to core curriculum. That means that not only is security often an afterthought, but technological infrastructure (which is expensive to update) is typically outdated and easily penetrated by cyber-criminals.
The second is that schools collect and store valuable, sensitive data on their children and staff members, from health information to grades.. That information is highly sought-after by threat actors, who can use it to hold schools for ransom or to sell for high profit margins on the black market (data belonging to children typically receives a higher price). With so many students connecting to the school network from personal and school-owned devices both on-premises and at home, there’s a larger and more open attack surface for criminals to infiltrate. In fact, students themselves often hack school software or run DDoS attacks so they can get out of school work (or prove that they can do it).
The education sector is clearly in need of better and more effective security, and it’s important for schools to make their case to the board for investment in technological infrastructure and cyber-security solutions that combat threats which have historically targeted the education sector.
IT Directors should look for programs with dynamic, behavior-based detection criteria that shield networks and endpoints from ransomware, Trojans, and other active malware families – plus remediation capabilities to help clean up in the event of a breach. Firewalls, email security, and encrypted data storage/backup systems provide additional coverage against phishing attacks, which is a common method for infiltration and breach of schools. In addition, developing a cyber-security policy and incident response plan will help prepare schools in the event of a breach. However, funding and staff support aren’t always available to invest in and implement such plans. Other options for improving security include launching awareness programs for employees and students to train on cyber-security best practices, as well as segmenting networks to secure personal data away from curriculum.