When cyberattacks are more likely to happen to schools

When cyberattacks are more likely to happen to schools

Data pulled from Australian K-12 schools across 2018 has identified the kinds of malware and security threats that local institutions are most at risk of, discovering that there is a significant spike in attacks when students return from holidays.

The two biggest instances of increased cyber activity were just after Easter in May 2018, and in October following the mid-year break.

With the Easter break over, it’s important that schools look ahead to see how they can prepare for these anticipated increases in cyber activity later in the year, and how they can educate students to help prevent them in future.

Malwarebytes regional manager, Jim Cook, said the post-holiday period is particularly busy in terms of cyberattacks because that’s when the data is ‘flowing’ again.

“Our data indicates that when students go back to school, cybercriminals go back to work,” Cook told The Educator.

He says this is for a variety of factors, including the increase of mobile devices that are being introduced and utilised in modern classrooms.

“More and more, schools are embracing Bring Your Own Device (BYOD) learning environments, increasing the number connected devices such as laptops, tablets and even wearables on the school’s network,” Cook explained.

“While there are obvious connectivity and mobility advantages to these technologies, they also increase the risk of malware infections, which can spread rapidly across networks if not properly secure.”

Cook said these kinds of spikes are often seen after the school holidays as students have taken their personal devices home.

“While off campus, they have engaged in activities, such as browsing unmonitored sites targeted by cybercriminals, and unknowingly infected their computers,” he said.

Despite first term back being a markedly chaotic time for schools, Cook said there are ways principals can respond to the challenges posed by these post-holiday cyberthreats.

“Preparedness, a proactive line of defence and education are critical for principals who want to respond to the challenges posed by post-holiday cyberthreats while still staying on top of day-to-day responsibilities,” he said.

“Schools may not always have the staff or resources to properly monitor and manage security, but they can get ahead of any concerns by deploying a holistic security solution.”

He said these end-to-end solutions will identify threats, alert IT teams to potential risks and respond proactively to issues as they occur.

“An intuitive endpoint security solution combined with a next-generation firewall will help to protect staff, students and important data from cyberattacks and hacks before they occur,” Cook said.

“A good offence is always a good defence, but it is also important to make sure the whole team is across the game plan.”

In this way, says Cook, education is perhaps the most important step for principals to manage digital threats.

“Cyber-awareness learning should be incorporated into school curriculums, with students and faculty encouraged to embrace cyber best practice such as regularly changing their passwords [ideally utilising a password manager], backing up data and learning how to identify potential warning signs,” he said.

Cook said Malwarebytes is defending schools from new and emerging threats by delivering security solutions that safeguard campus endpoints using “multi-vector protection”.

Malwarebytes Education Site License includes a number of the program’s highly regarded services, including Malwarebytes Endpoint Protection and other offerings that schools can use to centrally monitor and defend their environments,

Cook said this provides the visibility and real-time information needed to proactively identify cyber threats.

“In the event that a school is compromised, Malwarebytes Incident Response deploys rapid Windows and Mac remediation to sweep servers and storage arrays for malware,” he explained.

“With these measures, Malwarebytes gives principals confidence that their staff, students and intellectual property are protected from any existing or emerging threats, no matter what time of year it is.”