industry unlocked
COMBATTING THE ONGOING ISSUE OF CYBERATTACKS ON THE EDUCATION SECTOR
The education sector is a lucrative target for cybercriminals due to the abundance of sensitive data in its possession combined with lacking the relevant resources to combat such attacks . Achi Lewis , Area VP EMEA for Absolute Software , discusses the dangers posed to the education sector and how to prevent and respond to them .
t came to light
I recently that 14 UK schools became the victim of a major cyberattack , resulting in confidential documents , including children ’ s passport scans and staff contracts , being leaked .
The data was leaked online after schools failed to pay the ransom demands .
The documents contained data such as children ’ s SEN information , staff contract details , including the headmaster ’ s salary , bursary fund receipts and
Achi Lewis , Area VP EMEA for Absolute Software children ’ s passport scans which had been used for school trips .
“ The education sector is a lucrative target for malicious cybercriminals due to the large volume of sensitive data stored on school and university systems ,” said Achi Lewis , Area VP EMEA for Absolute Software . “ As a result , ransomware attacks are a case of when , not if , which demands educational institutions to ensure they are prepared to both prevent and respond to these attacks , else they risk having documents stolen and leaked .”
I caught up with Achi Lewis , Area VP EMEA for Absolute Software , to pick his brains about the education sector ’ s wider threat landscape when it comes to these types of attacks , and how it can become more cyber-resilient .
What makes the education sector such an appealing target for cybercriminals ?
In education , cybersecurity is rarely topof-mind – until a major incident occurs . Yet , according to the Federal Bureau of Investigation , schools are top targets for cybercriminals , resulting in ransomware attacks , data theft and the disruption of online learning . Cyberattacks are particularly challenging for primary and secondary schools , as they often face resource limitations and cannot attract the necessary talent to implement enterprise-grade defence strategies .
With 1:1 programmes the new norm ; devices are used more frequently – and from more locations – than ever before . New applications , delays in patching and failing security controls added complexity and vulnerabilities to the environment . These environmental factors together with the type and amount of personal data maintained in education systems make primary and secondary schools and colleges a prime target for ransomware and placing student and school safety at risk .
What attack methods are typically used to attack schools ’ cyber defences and what can be done to prevent or mitigate these types of attacks ?
The attack methods used by threat actors don ’ t differ much for other vertical markets . Most of today ’ s cyberattacks are front-ended by credential harvesting campaigns that use social engineering techniques , password sniffers , phishing campaigns , digital scanners , malware attacks , or any combination of these .
44 www . intelligentciso . com