Keeping student data safe and maintaining information security in education are part of living in today’s world for educators. Why is it important to include data security in their work? Find an example of how to set up a school cybersecurity policy and more below.

School Cyberattacks On the Rise

There’s no sign that digital attacks are slowing down in this sector. On the contrary, schools suffered a combined total of 348 publicly disclosed malware infections, phishing scams, denial-of-service attacks and other attacks in 2019. That’s more than triple the number of attacks in the sector a year earlier.

Things didn’t get better in 2020. In April, the FBI’s Internet Crime Complaint Center (IC3) warned that threat actors could take advantage of the world’s rapid transition to remote learning to undermine students’ safety and privacy online. A summer 2020 report found that the weekly number of digital attacks per school had risen from 368 in May and June to 608 in July and August. Many of those digital attacks consisted of distributed denial-of-service (DDoS) attacks.

But that wasn’t the only problem. In the months that followed, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert in which it revealed that threat actors were targeting K-12 schools to steal information, disrupt distance learning services and install ransomware. Threat actors assumed all kinds of disguises to boost their chances of success. In one attack, they even pretended to be parents in an attempt to target teachers with crypto-malware.

Why This Rise in School Cybersecurity Attacks?

Running on public funding could make it difficult for schools to find the money for consistent cybersecurity investments from year to year. At the same time, schools need to make their networks open to everyone they serve. That includes teachers, administrators, students, staff and parents — all of whom have varying levels of security awareness.

Take teachers, for example. Another report said nearly half (44%) of K-12 and college educators had not received even basic security awareness training around the digital threats facing them. Another 8% said that they weren’t even sure if they had received training. These results help to explain why so many aren’t familiar with some of today’s common digital threats.

That being said, a rise in digital attacks is what happens when schools also spend years thinking that they don’t have anything worth stealing. If there’s nothing worth stealing, then there’s no threat. And if there’s no threat, there’s no need to invest in school cybersecurity measures.

That’s a problem, given the speed with which schools are adding video conferencing apps and other remote access tools. These tools could provide attackers with a means to infiltrate schools’ networks and deploy malware. They can also gain access to sensitive data and use it to conduct phishing scams, identity theft and other attacks.

How to Improve School Cybersecurity

One of the best ways to boost school cybersecurity is to create an incident response plan. This lets personnel use defined roles to delegate essential response functions. It also enables them to test those processes so that they’re prepared in the event of a problem. That plan needs to work not only within the school’s workforce but also with external groups, including local law enforcement and the FBI.

Schools can also try to prevent an incident from occurring in the first place. They can do that by creating an effective security awareness training program. It should consist of the following three components:

  • leaders prepared for real-world digital attacks,
  • robust digital security skills, and
  • training by roles to keep the group protected against targeted attacks.

That last point is important. Teachers face different threats than students do, and those threats aren’t the same as those confronting parents and administration. Therefore, schools need to create a program that provides training to all of their different groups. It should let people know the exact actions they can take and focus on relevant security topics. It needs to go beyond just email.

School Cybersecurity Training for Students

Schools can concentrate the content of their security awareness training programs on threats that affect their teachers and staff. But they need a different strategy for students, more so those in K-12 facilities. Just as they cultivate students’ language, reading, writing and other skills, so too should they foster their pupils’ digital hygiene.

One of the most effective means to do this is to make it hands-on and fun. The Center for Internet Security and the Multi-State Information Sharing & Analysis Center hosts the National Kids Safe Online Poster Contest every year, in which kids create posters that educate their peers about staying safe online, including password hygiene, safe web browsing habits and identity theft. With programs like this, kids can be one of the many defenses against attacks on school cybersecurity.

More from Application Security

X-Force Identifies Vulnerability in IoT Platform

4 min read - The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion around the security of IoT devices themselves, there is far less conversation around the security of the platforms these devices connect with.…

4 min read

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

12 min read - ‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

12 min read

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

4 min read - Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

4 min read

Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers

17 min read - Overview In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers are using this technique to achieve their objectives. It is therefore important that we put a spotlight on this capability and learn more about its potential impact. Specifically, in this post, we will evaluate how Kernel post-exploitation can be used…

17 min read