Key points:
- The nation continues to face a severe cyber workforce shortage
- Defending against future ransomware attacks requires cybersecurity investments
- See related article: Fixing the K-12 cybersecurity problem
- For more news on IT security, see eSN’s IT Leadership page
- Learn How to Lower Cybersecurity Threats to Your School
According to a recent report from the Cybersecurity Infrastructure Security Agency (CISA), aggressive hacking tactics by threat actors are increasing in frequency and complexity against K-12 classrooms and higher education institutions.
With public and private schools providing a broad attack surface area for exploitation, they often find themselves repeatedly targeted by malicious hackers looking for financial gain or to steal the sensitive information of students and teachers. These cyberattacks create potentially dangerous effects on the education sector via lost instructional time and the cost to recover from the incident.
It’s no surprise that ransomware has hit the education sector hard. Schools often struggle to find room in the IT budget for a robust cybersecurity plan–and they are further constrained due to the difficulty in retaining IT talent to boost their overall security posture. As a result, hackers can often easily slip in through open vulnerabilities and wreak costly havoc on districts. Countering such devastating attacks with efficiency is going to be key in the 2023-2024 school year.
Establish holistic approaches to security
Fortifying defenses against future ransomware attacks requires institutions to prioritize cybersecurity investments, while improving talent retention strategies and automating their patching capabilities. The nation continues to face a severe cyber workforce shortage, and at the same time, most students in the classroom are not being taught proper cyber hygiene or how to best defend themselves from exploitation in the digital world. It’s clear that cybersecurity is not simply an issue for staff or teachers.
With malware, phishing campaigns and distributed denial-of-service attacks on the rise, school systems are requiring more eyes and ears than what a lone IT team can provide. Traditionally, IT teams in school districts or on college campuses focus their efforts on external-facing systems and often fail to properly secure internal networks that are just as at risk. Higher education institutions are particularly susceptible to internal attacks. In fact, university breaches are more likely to come from a student who is either inadvertently or even purposely causing a disruption. This adds yet another layer of risk to mitigate.
Promoting a culture of security awareness can transform the way districts handle these cyberthreats. Students and educators alike can learn how to quickly spot and report threats, how to maintain strong password management, as well as how to better protect themselves in an online digital environment. This holistic approach to risk and compliance is the foundation for an ecosystem that better defends itself against daily cyber threats.
Critical vulnerabilities within unprepared systems often stem from two main factors: a lack of effective threat detection and the improper storage of documents on school-provided cloud drives. Without proper threat detection in place, it is extremely difficult for vulnerabilities in system software to be recognized and ultimately mitigated. For example, last September, a ransomware attack on the Los Angeles Unified School District (LAUSD) drew national attention after it was confirmed that Social Security numbers and the private, sensitive information of staff and students was exposed. Not only was this attack a breach of information that damaged the confidence and reputation of the school, but it was also a massive disruption to the district and their network system availability. While it may have been unclear if the root cause was in fact an unpatched system or not, it is clear that unpatched systems, or delayed patches, can lead to such incidents.
Delayed patches means that vulnerabilities can go undetected or get completely ignored for weeks or even months at a time. Unfortunately, some institutions may think it is perfectly fine to designate certain times of the year for their patch management. But trying to squeeze in 6 months’ worth of patching before the start of a new semester can financially and academically disrupt a K-12 district or university via lengthy downtimes.
Traditional patch management is out
This passive approach to patching means the education sector must wait for patches to be automatically delivered and then manually installed, which can add to the delays in addressing known vulnerabilities. It’s not a secret that patch management can be a frustrating and time-consuming process that requires scheduled maintenance and is heavy on the manual labor needs for already overworked security teams. But by moving universities, community colleges, and K-12 districts into a more automated approach to patch management, the process becomes significantly streamlined.
Live patching is a relatively new approach that works by modifying and intercepting code at runtime that does not interrupt normal system operations. With automatic security patching in place, it not only frees up administrators, it also significantly reduces necessary downtime.
Some of the biggest benefits to switching to automated patching in place of traditional methods are:
- Reduced downtime and disruption: Applying live patches minimizes the risk of unexpected system failures, crashes, or downtime resulting from unpatched vulnerabilities. This ensures smooth operations, uninterrupted services, and safer student data.
- Timely vulnerability mitigation: Proactive patching ensures that vulnerabilities are addressed as soon as patches become available. This significantly reduces the window of opportunity for attackers, minimizing the risk of successful exploitation.
- Reduces risky reboots: Live patching eliminates the need for scheduled maintenance windows in which a system can be rebooted or services. Rolling reboots and restarts themselves can be risky and disrupt daily classroom operations if forced to shut down temporarily.
The digital transformation process for the education sector is crucial in light of increased targeted attacks. By securing classroom environments through a strong vulnerability management platform and empowering IT administrators, educators, and students to focus their efforts on proactive defense strategies and awareness, schools can enhance their ability to defend themselves and lower the risk of exploitation.
- The importance of the ITS and Facilities relationship - March 22, 2024
- How edtech is transforming bilingual education in the U.S. - March 21, 2024
- 5 ways to keep schools safer with innovative visitor management - March 21, 2024