Why educational institutions could be getting schooled by clever hackers
Hackers are amping up attacks against an alarming new target in 2018 – one that places children in the crosshairs of cybercrime.
Across the country, schools are ditching chalkboards and paper files for computers and data systems brimming with details about students, parents, and staff. Schools are a one-stop-shop for personal, healthcare, and even financial information that can now be accessed online.
But because educational institutions have been largely unscathed in the past by cybercrime, their security measures tend to be light. And cybercriminals are teaching them a lesson about weak cyber defenses: relishing the chance to penetrate a soft target that’s rich in the kind of sensitive data that fetches an alluring price on the dark web.
New technology and Internet-enabled devices in the classroom further complicate matters. In an effort to create a 1:1 or higher student-to-device ratio, many schools allow students to bring their own devices to class.
But while this practice is great for learning opportunities, it makes it extremely difficult for school IT teams to enforce network protections, creating backdoor entrances for criminals.
Cyber-attacks are quickly becoming one of the biggest threats facing schools – with cybersecurity topping EDUCAUSE’s Top IT Issues in 2018. Online hackers are stealing paychecks, swiping personal data, stealing research universities do for the government or the private sector, and demanding ransom after seizing control of districts’ networks. The reputational harm to private schools, colleges, and universities is also a factor, as bad publicity causes families to consider other educational options.
Serious implications for safeguarding children
The stakes are even higher when threats carry implications for safeguarding children. Children’s medical records and Social Security numbers are an easy way for criminals to commit insurance and identity fraud because they usually aren’t monitored that closely. The theft of location information such as addresses and phone numbers is even more frightening.
American educational institutions were on track to experience a more than 100 percent increase in cybercrime in 2017 – with more than 140 K-12 schools and districts publicly reporting one or more attacks over the past two years.
In 2016, education surpassed healthcare and the government as the biggest target of ransomware, a type of malware that makes information inaccessible to users until a ransom is paid, according to a Campus Technology report.
Cybercrimes against schools are on the rise
In October, the U.S. Department of Education issued a warning for K-12 teachers, parents, students, and administrators against the cyber threat targeting schools nationwide. It came on the heels of extortion attempts in three states from hackers, adding a new twist to ransomware: threatening to release stolen private records unless schools gave them money.
A cybergang known as The Dark Overlord claimed responsibility for the breaches, which stemmed from compromised servers exposing confidential information that included the names, addresses, and phone numbers of students, parents, and staff.
Some students and parents even received violent and threatening messages from the hackers, prompting school closures and canceled extracurricular programs.
Other alarming examples of attacks against educational institutions abound:
- In 2017, personal details belonging to millions of teachers, pupils, and parents who use Edmodo – the “Facebook for schools” application – were spotted for sale on the dark web after a data breach.
- In November of that year, SchoolDesk, a company that provides website hosting solutions for schools, suffered a breach by a hacking group known for distributing ISIS propaganda videos. As a result, an ISIS-sponsored video was displayed on a New Jersey school district’s website for about two hours before being detected and removed – highlighting the impact third-party vulnerabilities can have on educational institutions.
- In January, emails sent to the presidents of several Florida colleges and universities threatened mass shootings and bombings if a payment of 1.2 Bitcoin was not received.
- In February, footage from security cameras at three schools in the UK was live-streamed on a U.S.-based website for about an hour until it was shut down.
The three most common attacks against educational institutions
Understanding the most common attacks against educational institutions is the first step toward preventing them. Here are the most popular cyber weapons criminals are wielding against schools:
- Ransomware is a type of malware that infects a device, encrypting the owner’s files and demanding a ransom in exchange for the decryption key. It is usually launched from malicious attachments or links in emails. It results in downtime and unexpected costs that schools can’t afford; ransomware remediation costs were projected to exceed $5 billion in 2017.
- More than 90 percent of cybercrimes start with a phishing scam. Most are delivered by email, but they can also come from social media or SMS messages. Attackers send a message that appears to be from an authoritative source or someone the user knows personally requesting sensitive information.Once the criminal has this data, they can use it for fraudulent purposes. A recent announcement from the IRS, for instance, warned of a phishing scam targeting school employees to steal W2 information.
- Distributed Denial of Service (DDoS) attacks overwhelms network servers by flooding them with requests from thousands of machines, usually through a botnet. The increase in traffic knocks the educational institution offline.
While these attacks can be monetized, they are usually about personal vendettas. In fact, many DDoS attacks are launched by disgruntled students who purchased the DDoS script for as little as $5 on the dark web.
Educational institutions have become prime targets for cyber-attacks – and because children are involved, the implications are especially serious. Fortunately, there are proactive measures schools and districts can take to prevent hackers from gaining access to the sensitive information that they store.
An experienced cybersecurity provider can teach institutions best cybersecurity practices that uncover their greatest risks – and prevent cybercriminals from harming the children and families they serve.
CyberGuard360’s clients across four states and 40 industries are guided safely through the threat landscape. Our wide array of services includes system security suites, risk assessment, education, and training and disaster recovery, and we specialize in helping New York companies comply with 23 NYCRR 500. If you’d like us to put our expertise to work for you, we’d be happy to help. Call us at 844-315-9882 or use our contact form for a free consultation.