Malicious actors will target the education sector for many of the same reasons they target healthcare, government, and private citizens on a daily basis. At the college level, many students will have personally identifiable information (PII) that can be sold on the dark web, and even elementary schools will be targeted if bad actors think disrupting the school network will get administration to pay a hefty ransom. Everyone working within the education sector should be on guard for potential cybersecurity attacks, and we want to go over some of the most common attack strategies you can expect to see!
Phishing
Everyone is familiar with the low-effort phishing attacks that come into email inboxes every day, but people working in the education sector may be targeted by more advanced phishing strategies as well. Attackers may try to spoof services they know are commonly used by workers at a school, and they can send their attack at times when school personnel will be the busiest and easily distracted because of the predictable schedules of most schools. Additionally, those in administration can be the targets of spear phishing attacks because their privileges within the network are appealing for ransomware attacks.
Social Engineering
With the public facing nature of the education sector, malicious actors can also target schools with complex social engineering tactics baked into their attacks. It has become easier than ever the create a fake back story and convincing false identity, and with just a small amount of information on students, a bad actor could try to impersonate parents or other members of the school’s community. Anyone working in education should be suspicious of unexpected communications and double check the phone numbers or email addresses of the people trying to contact them about student or network information.
Vulnerabilities
It is well known how busy teachers and members of administration get with their daily responsibilities in the education sector. Sometimes, it may be tempting to put off updating a work computer or laptop, but this can be a dangerous habit to begin. Any device connected to the school’s network should be updated regularly because malicious actors will try to exploit known vulnerabilities that have not been patched yet. Along with devices, any applications or software that school employees use should be updated regularly as well because web-facing assets can be attacked from anywhere in the world if they are found to be vulnerable. Â
Summary
We know that teachers and administration in the education sector have complex and critical jobs that heavily impact our community. Our team here at Robinett Consulting wants to improve the security and resiliency of school networks, and the first step is helping those in the classroom be aware of the ways malicious actors may come after their data. Complicated phishing campaigns, convincing social engineering tricks, and attacks on vulnerable systems are just a few of attack strategies malicious actors will use but working with a local IT consultant to mitigate these threat surfaces can go a long way in keeping schools and students safe!
