Cyberattacks in the education sector up 258% last academic year
Cybercriminals are targeting educational institutions, attracted by the vast amount of sensitive data they handle: student and employee personal information, research, and intellectual property. With tight technology budgets and often weak defenses, many of these organizations are easy prey for increasingly complex cyberattacks, putting their reputation and operations at risk.
In 2023, the education and research sectors were hit hardest by cyberattacks, recording an alarming weekly average of incidents, according to Statista. A total of 1,780 attacks occurred over the last year, out of which 1,537 were the result of sensitive data breaches, according to Verizon's Data Breach Investigation Report (DBIR). This represents a 258% increase in total incidents compared to the previous year and a staggering 546% rise in data breach cases. These figures highlight the urgency of improving cybersecurity measures at educational institutions.
Recently, the Highline Public Schools district, which serves approximately 17,500 students south of Seattle, suspended classes due to a cyberattack. In a statement issued Sunday, Sept. 8, the district confirmed detecting unauthorized activity on its systems. According to a spokesperson, as of Sunday afternoon, experts had found no evidence of theft of personal information from employees or families. However, the attack knocked key systems out of operation, impacting communications, school transportation logistics, and attendance records, forcing them to cancel classes for a few days.
Top 3 Attack Vectors for Educational Institutions
The DBIR report also points out that the majority of security breaches in the education sector, around 90%, are caused by system intrusions, social engineering, and human error. Institutions are advised to follow some practical tips to protect school systems from these cyberthreats:
1- Implement measures to secure networks and devices:
First, keeping software and hardware up to date is essential as this safeguards them against known vulnerabilities. Using content filters and segmenting the network to limit access and contain potential security breaches is also key. Establishing policies for secure passwords and using personal devices (BYOD) is also crucial. Setting up separate Wi-Fi networks for personal, school and guest devices and mobile device management (MDM) ensures robust protection and compliance with cybersecurity regulations.
2- Cybersecurity Awareness:
Cybersecurity education is critical to protecting schools. Regularly training students and staff, conducting attack simulations, and fostering a security culture promotes shared responsibility. In addition, specific programs for using personal devices and workshops for parents ensure comprehensive protection at school and home.
3- Implement basic cybersecurity tools:
Schools should implement continuous monitoring solutions to detect and respond quickly to any suspicious activity on the network and use a VPN to secure off-campus connections. Protecting identities is also key at educational centers. This requires tools such as role-based access, which limits the information available based on responsibilities, and contextual access control, which adjusts security levels based on the user's location and behavior. Implementing multi-factor authentication (MFA) is crucial as it helps reduce intrusions, social engineering, and human error.
The critical need to implement strong security measures grows as schools continue integrating more technology into their daily activities, such as online learning platforms and Cloud-based attendance and grading systems. MFA provides an additional layer of protection, making it difficult for unauthorized users to gain access, even if they manage to breach one of the defenses.
By incorporating authentication via mobile app and push notifications, MFA simplifies the access process for students and faculty, drastically reducing reliance on vulnerable passwords. In addition, centralized management in the Cloud allows institutions to exercise complete control over access and configure security policies tailored to their needs.