How to detect a cyber-attack early to minimise damage

The recent wave of ransomware attacks might give the impression that cyber-criminals want their pay-off immediately says Benjamin Hosack, chief commercial officer of cyber-security firm Foregenix. However, he points out that they often exploit security breaches over the course of months, and even years, in covert attacks that can do far more damage to an organisation

So, what can schools and colleges do to minimise the chance of their websites being hacked? Benjamin shares some key steps that schools can take to keep safe and avoid such a breach.
Breaches of security are getting more expensive and no organisation is exempt! For example, the lone hacker who took down British Airway’s website for one hour caused a £100,000 loss. It doesn’t take much imagination to factor-in the reputational damage of such incidents and, with schools handling vast amounts of sensitive personal data, the risks are clear.
The GDPR affect
All organisations must now report security breaches of any personally identifiable information held to the Information Commissioners Office (ICO) – measures which were reinforced by the General Data Protection Regulation (GDPR) introduced in May, 2018. GDPR means that security breaches must be reported to the authorities within 72 hours of detection if personally identifiable data is at risk. This includes material such as medical reports, grades, images, job applications and information relating to staff, students and governors. Heavy fines are attached to any failure to disclose instances of compromised security.
The good news is that all schools can improve their ability to identify attacks early, and substantially reduce possible damage by taking some quite straightforward actions.
Install updates
Our own research – based on 80,000 European websites – found that 80% are vulnerable to cyber-attacks and the main reason is a simple failure to install the latest updates. So, patch or update all software!
Use threat-detection services
Specialist cyber-security firms provide high-end, managed detection and response services to cyber-threats. As most organisations struggle to detect the threats in the first place, this type of service is vital in reducing the likelihood of experiencing a catastrophic breach in your school.
Use a ‘honeypot’ 
‘Honeypots’ are decoys that appear to be legitimate components of an organisation’s network, containing valuable data. As soon as a honeypot has attracted the attention of the cyber-criminal, a warning is triggered. Combining a honeypot with other security controls provides an additional layer of security, and is highly recommended. 
Train your employees
The biggest cyber-security weakness in an organisation is the people. Keep your team trained, including non-technical staff. Keep everyone up-to-date on the latest cyber-threat security. Everyone should be aware of the threats and how the school might be attacked so that they can be alert and raise the alarm.
Monitor security alerts daily
Attack traffic usually has a very specific pattern and hacked business systems can be detected quickly if security alerts are being monitored across the organisation. 
Learn from the past to predict future attacks 
Cyber-criminals certainly do like to strike in the same place twice – and often by the same methods. Pre-emptive action, and monitoring based on past attacks, can lead to quick identification of a security breach.
Organisations that follow these actions will also reduce any potential damage – financial and reputational – by showing they have been proactive in their approach to cyber-security. 
Don’t forget to follow us on Twitter, like us on Facebook, or connect with us on LinkedIn!

Don’t forget to follow us on Twitter like us on Facebook or connect with us on LinkedIn!

Be the first to comment

Leave a Reply