By Renee Tarun, Deputy CISO/ Vice President Information Security, Fortinet Inc
The threat landscape is continuously evolving with the adoption of innovative technology to meet vast demands. This is especially true in the education sector. As academic institutions adopt new technologies to sustain hybrid and remote learning and are constantly targeted by threat actors, leaders in education must stay one step ahead by taking proactive approaches to managing the risks to their networks and data. This blog explores the current state of network security in the education sector and discusses approaches to education cybersecurity in an evolving threat landscape.
The rapid shift to secure online and hybrid learning in education cybersecurity
Within and beyond the education sector, many organisations faced unprecedented challenges in 2020 as a result of the COVID-19 pandemic. K-12 schools and colleges alike had to rapidly transition to remote, socially distanced in person, or hybrid learning. For many, this meant quickly building up IT infrastructures that enabled students to engage in learning from home, faculty to teach from their kitchen tables, and staff to access the work network remotely.
This large-scale increase in network and technology usage, as well as the sheer number of individuals accessing those networks from often-inadequately unsecured home internet connections and devices, both increased and complicated the threat landscape. Bad actors were quick to seize on opportunities. – they leveraged phishing attacks to try and capitalise on the uncertainty of the pandemic and attempts to exploit new vulnerabilities.
Even those institutions that prioritised cybersecurity in this transition were challenged to plug every potential gap on such a short time scale. As a result, many now find themselves with patchwork security solutions that may contain unidentified gaps. But moving forward in 2021, it is time to reflect on potential threats and make efforts to fortify and expand existing security measures.
Biggest cybersecurity threats in education cybersecurity
As 2021 sees a continuation of remote and hybrid learning environments, as well as transitions between these learning modes, security is paramount. Bad actors continue to search for exploits, and cybersecurity professionals in the educational sector must act swiftly to stay ahead.
The latest Global Threat Landscape Report by FortiGuard Labs outlines some of the most significant cybersecurity trends. Based on that report, those in academia should particularly be aware of the following threats in the coming year:
- IoT and CMS threats: With nine of the top 10 exploits targeting Internet of Things (IoT) devices and content management systems (CMS), institutions should look out for vulnerabilities in these categories. Vulnerable learning content management systems can make soft targets for easy access into enterprise environments. Attackers are also seeking to subvert the less-than-enterprise-grade security inherent to many IoT devices used in home networks.
- Phishing attacks: Malware-laden phishing attacks that inject code or redirect users to malicious sites became particularly prevalent due to the remote learning and work from home trend.
- Ransomware: The continued evolution of Ransomware-as-a-Service (RaaS) means academic institutions must guard against demands made by cyber criminals who threaten to disclose sensitive student data. Ransomware activity jumped 7x in the last half of 2020 alone.
- Malware: One vector that bad actors targeted was Microsoft systems and applications used by students and educators. These include 32-bit Windows executables, MS Office products, Visual Basic, and the Microsoft Intermediate Language. Common document formats such as PDF and RTF are also prime targets, as are web browsers.
Edge environments that grew considerably due to the transition to remote and hybrid learning are targets that remain ripe for exploitation. That said, this trend has also encouraged a move to in-depth security monitoring and enforcement to every edge device, perhaps spelling the end of inherent trust-based security as we know it.
Education cybersecurity challenges
It’s worth noting that the education sector faces more challenges than other sectors due to their budget and resource limitations. Such resources may be even tighter in 2021, meaning these institutions must do more with less. Approaches to reducing attack surface and complexity, therefore, should be made from an efficiency standpoint.
As educational organisations shore up weaknesses in their remote access solutions and work toward protecting endpoints, they should look to leverage cloud and SaaS solutions. Attempts to consolidate visibility and administration tasks across both cloud and on-premise environments can help create a security infrastructure better equipped for efficient management.
Fortification and expansion of current cybersecurity solutions
Because the move to online and hybrid educational environments was rolled out so quickly, many initial security solutions put in place by academic institutions may be incomplete or contain holes resulting from cobbled together strategies. At the same time, this new environment is prime for cyberattack, more so than previous on-premise environments that were better planned for and contain inherently fewer vulnerabilities.
Cyber criminals will only continue to attempt to exploit existing weaknesses. Therefore, educational institutions must take the time to better fortify and expand their current cybersecurity solutions now that the initial chaos caused by the transition has subsided. Best practices for securing expanded edge networks in the education sector include the following:
- Network Segmentation: All internet-facing applications should be segmented away from the rest of the network to minimise the impact of potential breaches.
- Multi-Factor Authentication (MFA): This strategy helps protect users from the misuse of stolen credentials by requiring additional authentication during an attempted login.
- Web Application Security: Implementation of web application firewalls (WAFs) protect against phishing attacks and DDoS attacks that can cause your site to become unavailable.
- Browser Security: A cloud-based web security gateway protects against web-based malware.
- Zero Trust Access (ZTA): Protection of networks and applications is best achieved through a zero-trust approach providing only the necessary level of access privileges.
- User Education: Often, the weakest link in network security is the human element. Advise students, faculty, and staff alike to utilise strong passwords, exercise caution when using public Wi-Fi, and teach them how to spot social engineering attacks.
By expanding on the solutions put in place early in the pandemic, these institutions can ensure a robust digital infrastructure able to withstand new and evolving cyberthreats.
Prevention and attack mitigation in education cybersecurity
It’s common knowledge that the cost and effort associated with attack prevention tend to be significantly less than the cost associated with the fallout of a successful attack. Therefore, in education cybersecurity and beyond, investing in comprehensive cybersecurity strategies not only protects sensitive data and infrastructure but can also help reduce costs down the line.