For approximately 18 months the Covid-19 pandemic has cast a particularly revealing spotlight on sector after sector, highlighting failings and stresses in areas as varied as health and social care, welfare provision and working practices. The education sector was yet another to be impacted and whilst some of the side-effects were predictable, what was perhaps not foreseen by so many was the way in which the Covid pandemic would amplify and highlight the cyber security threat the education sector now faces.
According to UNICEF, by March 2021 schools responsible for the education of more than 168 million children around the globe had been completely closed for almost a year. Education provision did not grind to a complete halt, with the focus switched from in-person to remote learning, which for many was a significant change made in haste.
Across the world the biggest challenge this presented was the lack of digital infrastructure. Further UNICEF data showed 31% of students, from pre-primary to upper secondary schools, couldn’t be reached to facilitate remote learning due to a lack of either the policies needed to support digital and broadcast remote learning or a lack of the household assets needed to access such learning.
In 2019, for example, investment in ‘EdTech’ globally reached a record high of $16.34 billion, while the combined global figure for 2018/19 outstripped that of the 20 year period between 1998 and 2017. It’s been predicted that by the year 2025 the global market in this technology, required by educators to facilitate remote learning, will be worth $350 billion.
Mind the security gap
When a technological shift of this magnitude occurs, criminality will typically follow, taking advantage of the kind of lag in security that almost always accompanies every ‘great leap forward’ – think cheque fraud, cloned bank cards and online banking crimes.
This is currently being reflected in the education sector. Research into the US education sector, from kindergarten to provision for 17/18 year olds, showed that 2020 had been a record breaking year for cyber-attacks, with 408 separate reported incidents representing an 18% increase year on year.
According to research published by Microsoft, which flags up the state of play over a rolling 30 day period, cyber-attacks on the education sector dwarf those targeting other sectors, accounting for 63.42% of all incidents. By comparison, attacks on the business and professional service sector – the next highest – accounted for just 9.2%.
In the UK, the problem of ransomware attacks on the education sector became so acute during May and June of 2021 that the National Cyber Security Centre, a part of GCHQ, felt the need to update and reissue an alert it had already issued in September 2020 and March 2021.
Why the education sector and why now?
The main drivers of the rise in cyber-attacks and in particular ransomware attacks, on educational facilities are the wealth of valuable and sensitive data that places like schools, colleges and universities hold and the perceived vulnerability of their IT infrastructure.
The data within HE and FE institutions may be considered of low value to criminals, but will continue to be targeted for ransom as this data is of huge importance to those institutions, which need it to maintain their operational activities – theft is not the driver, but putting data beyond use until the ransom is paid is an effective strategy.
Many universities will undertake important research, with sensitive data and valuable intellectual property being targeted for commercial gain, both by organised crime groups and state actors. It is thought that Russia, Iran and possibly China all probed institutions like Oxford University, when human clinical trials began on Covid-19 vaccine trials last year.
These vulnerabilities have been amplified by the switch to remote learning and a reliance on devices such as tablets, laptops and smartphones, which has made it harder than ever for schools to maintain security across the board and close the kind of loopholes that cyber criminals seek.
Apps such as Google Hangouts and iMessage have been used to deliver the kind of phishing campaigns that kick-start ransomware attacks, at a time when many educational establishments lack the kind of full-time IT security presence employed by the majority of larger private businesses.
The rush to ensure that no child was left behind during the pandemic, laudable though that aim was, has led to educational IT systems with a range of weak spots that they may be unaware of, but that criminals are all too familiar with.
Many establishments make use of on-site data storage which amplifies the risk of data loss due to the lack of a back-up or disaster recovery plan not reliant on this on-premise solution. The challenge for those in charge of educational establishments, is to take the steps needed to mitigate the risks they face, whilst achieving the right balance between risk, cost, process and availability.
Why isn’t education taking security seriously?
This is a question being asked by many, given the resulting time-consuming and financially damaging recovery actions that follow any successful attack. Unfortunately, it would appear a lot of education establishments do not know what they need, until after they need it.
Which is why CirrusHQ, in conjunction with Amazon Web Services (AWS), now the leading cloud platform with a 32% share of the overall market, is delivering a powerful webinar that considers three key areas that need to be addressed in the face of the challenges faced by education establishments in the UK:
- How to repel an attack
- How to minimise disruption after attack
- You’re on the Cloud – what next?
We’ll look at the technical solutions to these challenges and also hear first-hand accounts from institutions that seized the opportunity after experiencing disruption to look to revolutionise their infrastructure by shifting from on-premise to the Cloud.