Schools hold sensitive data regarding students, staff and parents, and although cyber-attacks on schools are rare, data protection should be acknowledged, and appropriate security measures put in place.
The majority of malware, ransomware attacks and credential thefts come from online targeted attacks – typically through malicious emails or websites.
Ransomware attacks normally take the form of attachments in emails that seem to be genuine e.g. an invoice or spreadsheet that when opened, infects the machine. Ransomware encrypts the data on your device and any shared drives, holding it to ransom and requiring the user to pay (in some form of cryptocurrency) to get the files released.
Credential theft often occurs through phishing attacks on schools. Phishing emails lure the user into clicking on links and entering their credentials on a fake website. This, combined with weak passwords, makes schools an easy target for attackers. Once the attackers have the credentials they will either use them to introduce malware into your network, steal or hold the data on your network to ransom, or imitate the user through their email system. This kind of attack is called ‘business email compromise’ and often leads to the attacker requesting money to be transferred to an anonymous bank account.
Attackers also use e-mail spoofing, whereby an email is sent from an account similar to a genuine school email address, including the name of someone senior within the school. Only under scrutiny would users identify a fraudulent email account.
Whilst we advise that users don’t open unfamiliar attachments or click on unknown links, our internet usage means it is the norm to open all attachments that look remotely like something we would expect within our roles.
To protect users, schools need to add a layer of protection to email accounts to prevent malicious attachments and URLs from getting through to users. Staff should also undertake training on cyber-threats so that they know what to look out for. Schools may also want to consider implementing multi-factor authentication to provide an additional layer of protection should one of your user’s credentials be stolen.
A multi-layered and whole school approach is vital against cyber-threats through the combination of policy, education and technology.