Written by Mark Belgrove, Head of Cyber Consultancy at Exponential-e
The pandemic has catalysed a sharp rise in the number of cyber-attacks. This trend is especially true as malicious actors have been looking to take advantage of the many vulnerabilities exposed by remote learning. For example, it recently come to light that laptops issued to children by the government to support their education over lockdown, had been infected with strain of malware linked to Russian servers. This shocking news served as a wake-up call for the education sector – a reminder that it is unfortunately a top target for cyber criminals.
In fact, education organisations may have more to be concerned about than businesses. A previous study disclosed a shocking revelation – 59% of UK school and education institutions reported a security breach or attack in the preceding 12 months, compared to just 46% of businesses. The same study also revealed the threat is much greater in higher education, with 57% of institutions having identified attacks or breaches at least once a week.
In light of this environment and the possibility of further school closures as the question of vaccines for 12–15-year-olds remains in question, it has never been more important for education institutions to ensure the cyber safety of all their staff and students. Especially with a new school year just beginning.
How cybersecurity challenges are changing
While 98% of schools are using antivirus software, and 99% are using some form of firewall protection, new, sophisticated attacks continue to emerge and prove successful, for which these traditional mitigation methods simply aren’t enough.
Phishing remains the most common form of attack. Its enduring success may be accredited to attackers’ ability to constantly update the fake ‘hooks’ used to fool victims. For example, since lockdown, cybercriminals have used malicious links hiding as video connection app links used for remote learning.
And it’s not just evolving hacking methods we need to be worried about. We’ve seen new methods to take advantage of video conferencing systems. “Zoom bombing” is when an uninvited user gains access to a video call or online class, and while this may seem harmless, it poses a serious threat to everyone’s privacy, and can be highly disruptive to the learning environment. It also runs the risk of students being exposed to indecent content, which was sadly demonstrated in the recent shocking news of a man exposing himself to a group of Year 7 pupils.
Ensuring online learning is secure
It’s evident that educational institutions need to adopt a vigorous cyber security strategy that not only takes into consideration the threats we have come to know, but even more importantly, novel threats that we are yet to witness.
The sharp rise in cyber-attacks has already encouraged new initiatives to improve the current state of the sector’s security. For example, The Department of Education (DfE) published a best practise guide for cybersecurity and remote learning. It is also now working closely with the NCSC and education institutions to continually educate on the best approaches for mitigating attacks, as well as what to do when they do occur. The DfE has also mandated that it will implement a formal plan for secure remote learning by September 2021. In the meantime, it is up to education institutions to keep students and staff informed and equipped with the right tools, so that they stay secure when working and learning from home.
In the first instance, IT teams across all levels of education can and should be implementing standard solutions to mitigate risks, for example by securing VPNs and implementing strong firewalls and internet gateways to protect IT networks from attack, unauthorised access, and malicious content.
Education institutions should be going the extra mile though, also considering mandating basic cybersecurity awareness and training for all staff and students to help implement good cybersecurity practices. More sophisticated IT solutions can also be implemented for a multi-layered approach, that secure and validate the identity of all network users, for example identity access management.
Remote learning – the future
While the last two years may have demonstrated just how important cybersecurity is, remote learning has also shown its true potential when it comes to creating new channels for education.
This bodes well for the future. However, as with any innovation, this also creates a more complex landscape for threats and mitigating them. Education institutions therefore need to adopt a sophisticated and multi-layered approach to security, one that is tailored to the systems, tools and materials used by students and staff.
As we approach a new school year, short-term security solutions have served well and protected many organisations from attack. But now is the time to consider long-term solutions that support a future of hybrid learning.