Cyber threats against school systems are increasing

Can’t hardly wait—to get hacked.

School systems around the country are increasingly the target of threat actors who see the learning institutions as soft targets. For IT workers who are already overstretched in their positions within school systems, that means headaches on top of headaches.

“Threat actors believe schools are vulnerable and [with] underfunding, they think they’re good targets,” John Genter, VP of security and cloud operations at edtech security firm Lightspeed Systems, said during a webinar on school cybersecurity on October 20.

Strategy first. The first thing you need is a strategy, added panelist Troy Neal. Neal, who is the executive director of cybersecurity and technology operations at Houston area Spring Branch Independent School District, listed off the precautions he takes.

“I’ve got a five-tier strategy. I’ve got air-gap solutions, and our [colocation], and our [disaster recovery] site. I’ve got good old USB hard drives that are…critical. I’ve got a cloud copy as well, in multiple cloud providers, also validating the backups,” Neal said. “But I mean, overall, you gotta start with a strategy and a roadmap.”

Part of that roadmap is staff awareness—it’s the best method to combat attacks. Neal said that his team uses a “very stringent onboarding process for software” that tries to address any and all data breach holes and demands the same of vendors.

But those vendors can be a source of weakness for bad actors looking for vulnerabilities, Genter said. School districts for the most part are required to publish information on both vendors and apps on their sites—public information that can open the door to attacks.

In the balance. Districts should balance the requirements of the law and the need for parents to understand what resources are being used by their children with security concerns, Genter said. It’s a delicate balance. Districts should err on the side of sharing enough information with the community, but not more than is necessary.

Schools will continue to present attractive targets to cybercriminals, the panelists said. They’re valuable, vulnerable, and accessible. And organized groups are going to be able to take advantage of flaws in the system.

“The reality today is cybercriminals have organized themselves very efficiently,” Genter said. “They have a level-one support that tries to get the resources and then they escalate it to a level two, who has more skills to get to the next level. And then they escalate to a level three who really knows how to get in and break into things.”—EH

Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @EoinHiggins_ on Twitter.