We often think cyber-attacks only affect large corporations like Equifax, Home Depot, Uber, and Target. While these are extensively covered in the national media, what we don’t hear about are all the school districts across the country also being hit by cyber thieves.
According to Verizon’s 2017 Data Breach Investigation Report there were a total of 455 reported cyber security incidents in the education sector last year. Furthermore, the U.S. Department of Education issued a Cyber Advisory Alert due to the increased risk. Why do cyber criminals consider educational institutions “soft targets”?
- These organizations are thought to be more likely to pay ransoms or give cyber criminals what they want. School districts must do what is necessary to restore day-to-day services as quickly as possible after attacks.
- Your information is valuable. A child’s identity is extremely attractive to identity thieves because it is a clean slate. Thieves use a child’s Social Security number to obtain employment, government benefits, or credit without detection until the child is of age to obtain credit.
- Cyber criminals realize that many school districts face budget shortfalls and have a wide range of other expenses that take priority over cyber security.
What can you do?Basic security hygiene, such as routine patching and strictly segregating all networks including students WIFI.
- Educate employees on how to detect a potential attack
- Establish routine vulnerability management and scan for patches
- Finally, be sure to have a breach response plan in place and practiced for when attacks happen.