As winter approaches, children would normally be hoping for a snow or ice storm to hit and shut down schools. On those days, their parents would typically have to take the day off or arrange to work from home to watch them. But this is not a typical year and what used to be considered normal has changed. Many kids are now receiving educational instruction from home and their parents are already working remotely. So is the traditional “snow day” a thing of the past?
Perhaps. Either way, a new version of a snow day has already emerged: times where schools shut down because of cyber attacks. As an example, Springfield Public Schools in Massachusetts recently shut down due to “potential IT threats.” Another district in Connecticut canceled the first day of school due to a ransomware attack.
A shut down due to a cyber attack has much wider implications than an actual snow day. Personally identifiable information (PII) and other data on students is being compromised by malicious attackers.
Schools Are Valuable Targets
Most schools have implemented some form of online instruction this school year. As a result, these attacks have increased in volume and speed. And their impact is much more significant.
School districts are easy targets for ransomware or other types of cyber attacks because they have systems that people need to access to do their daily work. Malicious actors know how important it is to have these systems up and running. Once a school district is hit by ransomware, the consequences are grave. It can take as many as 16 days for systems infected with ransomware to be restored.
Moving to a remote environment has exposed schools to greater risk of cyber attacks. For example, more students and teachers are using cloud storage applications like Google Drive and Dropbox to upload and share documents, making it easier for malware to spread.
Keeping Online Classrooms Safe
Unfortunately, some school districts still haven’t elevated their concern for ransomware attacks. What can they do to protect students, teachers and the rest of the community from growing threats in this new learning environment? Here are a few best practices to consider:
Backup your data. It’s important for schools to assume bad things will happen. That’s why having backups is crucial — it’s better to be safe than sorry. Storing backups offsite is a good idea so they don’t get infected if a ransomware attack hits a school’s environment.
Implement a strong identity management strategy. Schools can no longer just rely on traditional firewalls and virtual private networks. They need to start treating identity as a key element of protection. The proper identity management of users should include lifecycle management, authorization and authentication.
Consider automation. Automating systems can also help IT teams save time while staying ahead of detecting and preventing cyber threats, especially if the data can live anywhere.
Scan and wipe. Use software to scan for personally identifiable information. This will flag sensitive and high-risk information, such as social security numbers and health records. IT teams should also consider tools, like FortifyData, that can identify misconfigurations and vulnerabilities. Also, as more school districts distribute devices to students, they’ll need remote wipe capability.
Cover the basics. Schools already patch against classic vulnerabilities. However, they should also configure their systems and devices properly to prevent an attacker or automated malware from causing harm to their environment. With students and teachers using school-issued devices from home and accessing software and applications outside the school’s network, cyber security education is also crucial.
These days, educational systems are not exempt from cyber attacks. In fact, they are considered an easy target. They must invest in cyber security controls to protect student and employee data, and maintain their online presence to continue educating our youth.