Cybersecurity Threats in Education Take Center Stage in a Post-Covid World
Education ranks last in cyber preparedness and has the most vulnerabilities in application security, endpoint security, and software updates.
Cybersecurity has become a leading concern in education in recent years, in both the K-12 setting and in higher education—and for good reason. Since 2016, U.S. schools and districts have reported 1,180 cyber incidents1 —and counting. The pandemic only fueled the issue further as schools, colleges, and universities have been forced to operate in crisis mode, presenting an ideal environment for the opportunistic cybercriminal.
Sadly for our nation’s youth and the educators who serve them, education ranks last in cyber preparedness and has the most vulnerabilities in application security, endpoint security, and software updates. Repercussions from cybersecurity events can prove devastating to educational institutions that can least afford related losses.
Top Cybersecurity Threats Facing Schools Today
While cybersecurity overall continues to grow, here are the most prevalent threats that present-day educational institutions need to know:
- Social Engineering: The malicious act of using psychological manipulation to trick users into making security mistakes or giving away sensitive information, social engineering is how 90% of cyber attacks start.2 Cyber actors didn’t waste any time taking advantage of the shift to a virtual schooling environment. Many school employees fell victim to phishing campaigns that capitalized on the dire situation (e.g., impersonating government agencies disseminating stimulus checks, pretending to sell PPE, and more). And because those who work in education tend to be more trusting in general, these campaigns have been wildly successful—and continue to take hold and damage schools and higher ed institutions across the country.
- Ransomware attacks: This costly form of cyberattacks involves bad actors who use malicious software to encrypt data files and systems, requiring schools and colleges to pay a ransom to regain access. For example, a ransomware actor may steal and threaten to leak confidential student data unless they are paid a ransom. As with all other cybersecurity threats, ransomware events have been on a steep upward trajectory since the start of the pandemic. In 2020 alone, more than 1500 U.S. schools, colleges, and universities have succumbed to ransomware attacks. Globally, 44% of educational institutions were targeted by such attacks.3
- DDoS attacks: A DDoS (Distributed Denial of Service) attack occurs when an attacker attempts to make it impossible for a service to be delivered. In 2020, there were 120,000 reported DDoS incidents in education.4 DDoS attacks don’t cost much and are relatively easy to launch anonymously. And with the move to remote learning, educational institutions became highly vulnerable to DDoS attacks when they developed a dependency on connectivity like never before.
Strengthen Your Education Institution’s Cybersecurity
Cybersecurity continues to pose a significant risk to educational institutions, particularly in the post-Covid world of online learning. Schools, colleges, and universities provide the soft targets that hackers are looking for.
At Eastern, our team of cybersecurity pros can help you better understand, manage, and reduce your cybersecurity risk, protect your network, and safeguard your data with Dell’s portfolio of security solutions. We’ll help you identify and protect your current IT assets, monitor your portfolio, respond to an event when it occurs, and create a plan to prevent reoccurrence.
For more information about how we can help you shore up your cybersecurity defenses, contact us here.
1 https://k12cybersecure.com/map/
3 https://gcn.com/articles/2021/09/15/k12-college-cyberattacks.aspx
4 https://edtechmagazine.com/higher/article/2021/05/easy-and-inexpensive-ddos-attacks-surge-higher-ed