*By David Silva
Educational institutions such as schools, colleges and universities have been a constant target of cybercriminals. With the Covid -19 pandemic, the educational sector accelerated its digital transformation journey, but institutions did not modernize their infrastructure or assess the risks behind this evolution.
The IT environment in this sector often has a complex architecture, which needs to be available and secure. However, the lack of resources and budget, cultural issues and the absence of policies undermine the protection of institutions.
The IBM Security X-Force Threat Intelligence Index report, mapped the new trends and attack patterns from January to December 2021. The education sector ranked 7th where it received 2.8% of attacks worldwide.
The types that most noticed attacks were:
- O adware, which are advertisements and advertisements that open all the time while you browse certain websites;
- O ransomware, which is a malware which encrypts important files on local and network storage and demands a ransom to decrypt the files;
- Attack BEC, which works when someone impersonates an employee, director, executive or even the CEO of the company to make money or steal confidential information;
- RATs, which is a software that allows remote access to the system, just as if he were physically using the machine.
Server access attacks and fraud were also commonly seen in education organizations in the past year. THE phishing was the main infection vector used against educational institutions, followed by brute force attacks.
Why is data important?
Data theft affects all levels of education because all institutions retain student and staff data, including sensitive details such as names and addresses. This type of information can be valuable to cybercriminals for a variety of reasons, whether it's selling the information to third parties or using it as a bargaining tool and extorting money. In schools, it is very important to protect the personal information of children and adolescents. Hackers also aim to obtain personally identifiable information belonging to children, as having this information makes it possible to create plans for identity theft within a few years.
Financial gain is one of the reasons cybercriminals carry out an attack on an educational institution. This may not be such a high risk for public schools, but with private institutions, colleges and universities/colleges dealing with a lot of student fees, they are a prime target for cybercriminals. It is also common for students or parents to pay fees through an online portal, often transferring large sums of money to cover an entire enrollment period or year. Without adequate protection or preparation on the part of educational institutions, this represents a soft spot for cybercriminals to intercept.
Higher education institutions such as Universities/Colleges are often research centers and hold valuable intellectual property and must be protected from spying.
How to protect yourself?
To help protect your assets, you need to invest in technology, people and processes. Technology is very important, but it is unable to avoid all problems if there are no well-defined processes and the participation of people to keep the environment safe, including staff and students themselves. Below, we list some initiatives that can be implemented in each of these pillars to protect the technological environment in educational institutions:
- Technology: Antivirus / anti-malware solutions, firewalls (IDS, IPS and WAF), WIPS, DLP for network and email;
- Processes: Management of access to network and systems, Incident and Problem Management, Management of systemic and infrastructure changes, management of backups and business continuity.
- People: Training and awareness campaigns on Information Security and Data Privacy for all employees, third parties and students.
Additionally, we emphasize that it is interesting that the IT architecture of institutions is divided into isolated networks, that it is adapted to the business and that security is actively thought about.
— David Silva is an Information Security Consultant (GRC) at [SAFEWAY]
How can we help?
SAFEWAY is a consulting firm in Information security recognized by its customers for offering high value-added solutions through projects that fully meet the needs of the business. In 14 years of experience, we have accumulated several successful projects that have earned us credibility and prominence with our clients, who largely make up the 100 largest companies in Brazil.
today through 25 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best solutions in technology, processes and people. We have both the technical skills and the experience necessary to assist your company in the process of structuring controls and preparing the environment for the implementation of an ISMS, SGS or SGCN and, consequently, certification of operations, services or companies to the ISO27001, ISO20000 or ISO22301 standards.
