In 2021, schools across the UK (and the USA for that matter) were put on high alert following a number of cyber and ransomware attacks. This came after the Harris Federation, a non-profit chain of multiple schools in London, were hit by a ransomware attack in March that left 37,000 students unable to access their emails.
Just a few months later, the National Cyber Security Centre (NCSC) raised further awareness of the issue in June. Again, in August, a report by Check Point Research laid bare the increased danger, highlighting that there had been a staggering 93% increase in cyber attacks targeting the UK’s education sector.
There is one simple answer to avoid this: unplug from the internet. There is no safer and secure way to protect your school’s system from unwanted intrusion or attacks. Stay offline, and nothing will harm you.
But, of course, that’s easier said than done in this digital world we’re operating in, and actually is just one issue itself. While there is a more sustained risk of online attacks for education to contend with, it is doing so on a tight budget. IT infrastructure, within a school setting, is fighting against multiple different priorities to get the attention it deserves in a sector that has endured 10 years of cuts.
Indeed, despite the Government confirming that up to £5 billion would be filtered down to education in a bid to catch up on those cuts, schools are still cost-cutting. Signs of this were laid out during 2021 when a union survey suggested two-thirds of primary school headteachers believed ‘sharp cuts’ would still be required to balance the books.
Combine the necessity for improved IT infrastructure with the fact that budget spending is tight, and we’re left in a position where schools simply can’t afford, nor have the time, to make the improvements required to stave off possible cyber and ransomware attacks. In short, education is considered a soft touch, and online attackers are circling like vultures.
In this piece, we look at a range of basic steps schools can implement to better protect themselves from cyber attacks.
How Edtech will shape the future of learning in 2022
Segregation and strong passwords across different systems will provide an extra layer of protection
Today, there remains a lot of schools across the UK that have their WiFi protected by a password. And unfortunately, like many of us, one single password is used across the whole network.
Naturally, that throws up a heap of problems that schools can face, beyond an unauthorised attacker being able to access the network as soon as they have cracked the password, leaving sensitive information, like parent bank details, medical information, and safeguarding reports, gravely exposed.
Due to limitations within a school, it usually isn’t possible to apply and manage different passwords for each account and service. However, at the very least, having sensitive accounts – those that house important data – need to have an extra layer of protection.
There are a few ways this can be achieved. The first is by utilising VLANs (Virtual Local Area Networks) to segregate different traffic (guest/BYOD/staff/school laptops, etc.); the 802.1X protocol (which can be used to authenticate per device or user (Active Directory users for example); or DPSK/PPSK (basically a password per device or person) in order to limit the risk through sharing and keep it very easy to change passwords if a user leaves.
Implementing a solid DNS Security system will protect against phishing attacks
Firstly, what is a phishing attack? Phishing is the act of a scammer sending fake emails to thousands of people in one go asking for sensitive information (such as bank details) or containing links to bad websites that, once clicked, give access to your information. In short, it’s like a robber knocking on your door and you let them in freely into your home.
Alongside email security products, Domain Name System (DNS) Security is a zero-day solution that helps stop attacks that get through your email security. Understanding how DNS works and how best to protect it is a school’s first step to protecting its data.
Education: the latest authentication frontier
Categorise and sandbox websites to minimise risk
An issue to constantly manage and keep on top of as new websites pop up is sandboxing. Speaking plainly, this is the process of managing what sites students have a level of access to. It’s done by categorising URLs and putting filters in place for whether they can be accessed from your school’s system.
Sure, it’s essential to be able to limit websites that will distract pupils during classes, but the second plus is that you can remove access to sites that pose a risk to your system.
Sites like YouTube provide an interesting debate. There is a lot of educational content on there, but it can also be easily abused. There is a safe YouTube setting and any educational firewall will protect against sites like that being abused.
Google SafeSearch also comes into the mix as well and is a great tool to enforce particular websites and searches you want to prevent students from making.
Avoid free to download tools
There’s a certain appeal that comes with free tools, especially if you have been looking at an alternative that is otherwise expensive to purchase. It’s easy to look at the free alternative and acknowledge that it isn’t exactly what you wanted, but it will do the trick. Avoid the temptation at all costs on a school set-up.
An appealing free online tool could be dressed as malware or viruses, built to wreak havoc as soon as they have been downloaded. A lot of these come with Adware, which isn’t particularly dangerous but clocks up and slows your system and can showcase dangerous websites.
Finally, there is the danger that a downloaded free tool will unleash spyware on your system, which integrates into your system and steals valuable data.
The security impact of shadow IT
Prune your active directory each year
Updating a school’s active directory, is quite possibly, the most basic, yet laborious, task on this list. Regardless, its importance is undeniable.
This article has largely been about preventing online hackers, scammers, and cyber attackers from getting into your system. However, in some cases, those attacks can come from within, namely from former and previous students. Just as the school system is updated with the new cohort of pupils joining each year, it’s equally imperative to remove access to those students that have left through the school gates for the final time.
Leaving it untouched means former students will have free rein to dive right back into your system and if it happens to be someone that fancies the challenge of messing around, they’re already halfway there.
Ensure all equipment is patched and up to date and access is locked down
Software developers and device manufacturers are always looking at ways they can solidify their product and make it more secure and as and when they make an improvement, they will update that product with a patch or an upgrade. This usually comes in the form of new features, fixes for bugs, performance improvements, and, yes, security patches that are incorporated to make it as hard as possible for attackers to compromise it.
Ensure all servers and network equipment access follows best practices – a management VLAN for example, or only certain IP addresses. Also, ensure only the protocols required are enabled – SSHV2 + for example.
As we will all know from the endless amount of updates we get through on our smartphones, it can be easy to pass on the latest update. It’s exactly the same in the school environment — it can be easily missed.
It would be our recommendation to check your network’s latest patches at least once a month, just to make sure you are up to date and protected. Most patches and updates are completed automatically. That said, it’s better to be safe than sorry, right?