It’s critical that the industry overhaul the traditional approach to K-12 cybersecurity to ensure the strongest defense possible in today’s evolving threat landscape. With that in mind, following are some of the sector’s chief security threats—and what can be done to overcome them.
- Digitization: COVID-19 brought many changes to the education sector, and it’s likely some of these will remain even after life returns to normal. One prime example here is the uptick in tablets, Chromebooks, and other devices that enable students to access remote instruction and digital learning tools. These devices were certainly indispensable at the height of remote learning. However, they’ve also proven their value by allowing schools to remain in (virtual) session during inclement weather or other scenarios that would typically have resulted in a day off. In addition, the greater flexibility afforded by devices means that students can minimize the amount of time lost due to routine appointments such as dental exams. As such, this blending of digital and in-person instruction is likely here to stay.
This trend can easily introduce numerous vulnerabilities if cybersecurity is not a prime consideration in all digital learning strategies and policies. Forty-five percent of the disclosed incidents analyzed in the K12 Security Information Exchange report were due to malware, class and meeting invasions (such as the “Zoombombing” attacks that occurred in the early days of the pandemic), email invasion, and website and social media defacement. In other words, these are threats that will likely continue to arise if students are using connected devices.
To address this, it’s important to:
- Ensure that students and staff have only the minimum access they need (least privilege)
- Ensure all devices have the latest patches and/or updates
- Scan devices for malware before they rejoin the school network
Another key consideration is ensuring that students and staff alike are aware of acceptable use policies, and are only accessing approved sites and applications when utilizing school-owned devices.
- Password security: Poor password hygiene is a security problem in virtually every industry, and one that is likely to grow in tandem with increased digitization in the K-12 sector. Faced with creating credentials for multiple online accounts and services, staff and students alike are likely to use simple, easy-to-remember passwords, a practice that can easily introduce security vulnerabilities if the credentials have been exposed in a previous breach. As part of their renewed focus on cybersecurity, it’s important that schools are cognizant of this threat and investigate password auditing solutions that can mitigate the risk.
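The breach-exposure check described above can be sketched as follows. This is an added example, not code from the original article or from any auditing product. It uses a hash-prefix range lookup (k-anonymity) so the lookup side never sees the password, and every name, account and count in it is constructed for illustration.

```python
import hashlib

PREFIX_LEN = 5  # hex chars of the SHA-1 digest that are sent to the lookup

def sha1_hex(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def build_range_index(breached):
    """Index {password: times_seen} breach data as {prefix: {suffix: count}}."""
    index = {}
    for password, count in breached.items():
        digest = sha1_hex(password)
        index.setdefault(digest[:PREFIX_LEN], {})[digest[PREFIX_LEN:]] = count
    return index

def breach_count(password, fetch_range):
    """Times the password appears in breach data (0 if never seen)."""
    # Only the 5-character prefix goes to fetch_range; the lookup side
    # never learns the password or its full hash.
    digest = sha1_hex(password)
    prefix, suffix = digest[:PREFIX_LEN], digest[PREFIX_LEN:]
    for line in fetch_range(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate == suffix:
            return int(count)
    return 0

def audit_submissions(submissions, fetch_range):
    """Map username -> breach count for passwords that should be rejected."""
    # Passwords are checked as typed at set/change time, the only moment
    # the plaintext is available.
    hits = {u: breach_count(p, fetch_range) for u, p in submissions.items()}
    return {u: n for u, n in hits.items() if n}

# Constructed sample data: not from any real breach or school.
SAMPLE_BREACHED = {"password1": 2400000, "gowildcats2020": 37}
SAMPLE_SUBMISSIONS = {"teacher.lee": "gowildcats2020",
                      "student.4417": "password1",
                      "it.admin": "plum-Radar-ferry-91-oboe"}
INDEX = build_range_index(SAMPLE_BREACHED)

def offline_fetch(prefix):
    """Offline stand-in for a range service: returns 'SUFFIX:COUNT' lines."""
    return "\n".join(f"{s}:{c}" for s, c in INDEX.get(prefix, {}).items())

def run_sample_audit():
    return audit_submissions(SAMPLE_SUBMISSIONS, offline_fetch)

if __name__ == "__main__":
    print(run_sample_audit())
```

In a real deployment `offline_fetch` would be replaced by a call to whatever breach-data source the school or district has chosen, and flagged accounts would be forced through a password reset.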
- Phishing and ransomware: Ransomware–a type of malware that encrypts users’ files and demands a ransom to restore access–is on the rise in the K-12 sector. In addition, the extortion demands have significantly increased, far exceeding $1 million per incident, according to evidence cited in the nonprofit report. On top of the potential financial repercussions, ransomware wreaks havoc in the form of school closures and class cancelations.
While there are a number of methods hackers can use to stage a ransomware attack, phishing is among the most common. Therefore, it’s important that school administrators are vigilant for phishing scams and encourage staff and the greater school community to be on the lookout for these fraudulent schemes. It’s also critical that schools have a plan for how they would respond should they be hit with a ransomware campaign. For example:
- How are accounts and data backed up?
- How long will it take to restore them?
- How is this backup protected to ensure it won’t also be compromised in a ransomware attack?
Determining the answers to these and other questions before an attack occurs can make a vast difference in how quickly the school or district is able to recover from a ransomware campaign.
- Limited resources: As mentioned above, the typical K-12 IT team is incredibly small and was already juggling competing priorities long before the pandemic further upended things. One important step for tightening up cybersecurity with these limited resources is to outsource as much of the security upkeep as possible. By using reputable cloud services to host file servers, email servers, and other IT infrastructure, schools and districts can reduce much of the heavy lifting associated with securing their systems.
In addition, this approach frees up resources and helps people allocate more time to staying abreast of the evolving threat landscape–training staff on security best practices, ensuring that student devices are scanned for malware and regularly updated and patched, and continually educating the school community on their role in protecting sensitive data from falling into hackers’ hands.
It’s clear that the education sector is an attractive target for attack, and unfortunately the pandemic has only served to increase the risks for schools and their communities. Perhaps the K12 Security Information Exchange report put it best when it warned: “There is no time to waste.” The education industry must act now to overhaul the traditional approach to cybersecurity, before it’s too late.