With the education sector being a large target for cyberattacks and having to face numerous types of threats, IT teams in school districts need to be aware of current threats and the future ones that are steadily approaching. As more schools are going hybrid in the effort to combat COVID-19, many threat actors are using a variety of techniques for cyberattacks.
Here is our cybersecurity outlook and what we expect to see over the next two years.
CONTINUATION OF PHISHING AND RANSOMWARE THREATS
Phishing and ransomware are easy attacks to perpetuate, effective at ensnaring victims, and easily profitable for threat actors challenging cyber security in education. Until the education sector can improve its defense against these dynamics, threat actors will continue to leverage what is already working. The phrase, "if it's not broken, don't fix it" applies heavily to these 'old-school' cyberattack tactics that are still working against schools in the education sector.
HIGHER RANSOM DEMANDS
The pricing of ransom demands against the sector will increase, for several reasons. First, the trend outside of the sector is already evidence of increasing prices. Second, a higher proportion of school districts carry cyber insurance than organizations in the general market. Third, the downstream costs of disrupting remote education for thousands of students force a quick response by a compromised institution, and if internal cybersecurity procedures and staffing are not top-notch, paying the ransom will often resolve the incident faster. Finally, significant price elasticity remains untested when earlier justifications for paying a ransom demand have been made based on saving less than an hour per person at a compromised university.
ONGOING SHORTAGES OF IT STAFF
IT teams in school districts are stretched and overwhelmed with the growing set of responsibilities for supporting remote learning platforms, as well as attempting to rapidly address a decade of underinvestment in cybersecurity. Only three out of five education institutions have a full-time cybersecurity specialist on staff, even 12 months after the pandemic altered the education landscape with remote learning.
CREATING DISRUPTION IS STILL A MAJOR DRIVER
Creating maximum disruption will remain a major driver especially with the ability to cripple an entire school district or university. As long as online learning is the dominant feature, which considering the course and longevity of the pandemic, it will be, threat actors with the ability to cause a maximum disruption incident will increase the odds of receiving a prompt financial payoff. The non-technical solution is to bring everyone into a classroom but today that does not exist for many school districts. Teachers and faculty have already been pushed into teaching in a format that they are not experienced in, students are isolated from their peers and living through a period of disrupts, and IT staff are ill-equipped, under-trained, and under-resourced already. There is a relentless ongoing escalation of stress levels across the sector from actual threat incidents and the perceived threat of imminent cyberattacks at the most inopportune times, will incur high costs to the health and wellbeing of everyone in the sector.
INSIDER THREATS AND UNAUTHORIZED DELEGATION
The education user base - staff, faculty, students, and parents/guardians is dynamic and contains varying degrees of cybersecurity awareness. If sufficient attention is not paid to the convenience side of stronger cybersecurity protections, the user base will continue to find workarounds that negate the added protections, by doing such actions as sharing credentials and using weak passwords.
Keep Reading: Cybersecurity in Education
In this whitepaper, we look at the cybersecurity threats the education sector faces and highlight new security solutions, like different methods for multi-factor authentication (MFA).
Download this whitepaper to learn more about:
• The education sector's characteristics making it susceptible to cyberattacks
• How elevated security protections without improving convenience will fail
• Best practices for cybersecurity preparedness