In a world increasingly reliant on technology, protecting educational institutions from the rising threat of cybercrime is a top priority. The Education & Skills Funding Agency released an updated guide, designed to help School Business Leaders (SBLs), academy trusts, colleges, and independent training providers (ITPs) navigate the complex world of cybercrime and cybersecurity. As school business leaders, it’s essential to remain vigilant about the risks of fraud, theft, and irregularities, implementing proportionate controls to safeguard our institutions – including protecting against cybercrime.
The faces of cybercrime
Cybercrime is an umbrella term encompassing a wide range of criminal activities that occur online or through computer systems. Understanding these various threats is essential in bolstering our educational institutions’ defences. Let’s take a closer look at some of the most common types of cybercrime.
Ransomware – the top threat
Ransomware is the UK’s most prevalent and concerning cyber threat, with a significant number of attacks reported to the Department for Education. Typically introduced through advanced phishing or social engineering attacks, ransomware enters a network and seeks out valuable data, encrypting it with the intent of demanding a ransom in exchange for decryption. Some attackers have even evolved, threatening to publish compromised data unless their demands are met. This type of attack often targets critical data such as financial systems, personal identifiable information, intellectual property, student coursework, staff records, and MIS/SIMS databases.
Insider threats
An insider threat occurs when an individual within an organisation misuses their authorised access to carry out malicious activities or cause harm. It can involve unauthorised data disclosure, grade manipulation, altering personal information, compromising safeguarding details, accessing financial records, launching DoS attacks, or committing fraud. In some cases, students themselves pose an insider threat, testing their skills within the institution or selling access credentials to external attackers.
Phishing
Phishing is a social engineering technique designed to deceive users into divulging their credentials or personal information to attackers. Usually, these attacks are delivered via seemingly authentic email messages, complete with corporate or official logos. Phishing emails often contain links to websites that silently install malware or attachments that, when opened, inject malware into the system. These attacks typically request verification of sensitive information, such as account numbers, passwords, or dates of birth.
Mandate fraud
Mandate fraud often originates from compromised email accounts, usually as a result of a successful phishing attack. This type of fraud involves attackers contacting victims while posing as regular payment recipients. By monitoring the compromised email account, attackers wait for an opportunity to change bank payment details on an invoice. They might also establish forwarding rules to intercept communications discreetly.
Bolstering cybersecurity in education
School business leaders need to establish robust defences against cyberattacks. Staff training is pivotal to ensure that:
They verify the authenticity of email senders before making payments or sharing sensitive data.
In cases of email requests for payments or bank detail changes, they directly contact the sender without using the reply function.
They double-check the authenticity of contact numbers when calling to verify an email’s legitimacy.
They comprehend the risks associated with public Wi-Fi usage.
They appreciate the importance of following payment checks and measures.
Cybersecurity standards
To bolster the digital infrastructure and resilience of educational institutions, the Department for Education has introduced a set of cybersecurity standards. Complying with these standards empowers institutions to make informed decisions about technology, fostering safer, more cost-effective practices and enhancing the learning experience. Further cybersecurity measures can be implemented, such as active network monitoring tools, threat intelligence feeds, the Zero Trust Security Model, cyber insurance, Security Information and Event Management (SIEM) tools, phishing simulation exercises, next-generation firewalls, and Intrusion Detection Systems/Intrusion Prevention Systems.
As SBLs, a commitment to cybersecurity ensures a safe and secure digital environment for students, staff, and institutions. By staying vigilant and informed, we can better protect our educational communities from the ever-evolving landscape of cyber threats.
Be the first to comment