The National Cyber Security Centre (NCSC) has recently put out a call urging UK schools to bolster their online defences as public sector bodies become a favoured target for hackers.
The risk factors are increasing as cyber criminals continue to exploit any weaknesses in public sector cyber security. Schools are increasingly seen as easy targets, with limited ITbudgets and access to the right level of in-house expertise.
One of the most common form of attacks is phishing where emails claiming to be from legitimate companies induce individuals to reveal personal information, such as passwords and personal data.
There is also Account Take Over where a fraudster takes over an account via easy to crack passwords. They then gain access to emails and files stored on the cloud, essentially takingover your computer.
Ransomware is perhaps the most disruptive and expensive forms of cyberattacks facing schools – where malicious software is inadvertently downloaded via a link which blocksaccess to the whole system until a ransom is paid.
So, what can you do to improve cybersecurity in schools?
Ensure you have someone with overall responsibility of IT security on the Senior Leadership Team.
Have a comprehensive cyber security policy in place to illustrate your commitment to cyber security. Our team at the NEBRC can work with you to help support the development and management of your cyber security policy.
Once you have a policy, make sure it is reviewed regularly, include it on your risk register and report on progress to your Local Governing Body.
Prepare an Incident Response Plan including a pre-determined set of instructions or procedures to detect, respond to, and limit the consequences of a cyber attack.
Implement a backup strategy – ideally with three versions of data – two copies on different media, for example the cloud and a USB and keep one off site/offline. Periodically check that you can also restore from them.
Very basic but ensure that anti-virus software is installed on everything and is working.It is important that someone is looking at the alerts as they come through. Prior to a ransomware attack, there may be a spike in alerts which can be an early warning sign.
Install security updates as soon as possible – patches sent by software providers are designed to close known vulnerabilities. The longer it takes to install a patch, the more vulnerable you are.
Ensure your operating system and software are up to date. Avoid making yourself vulnerable by using out of date operating systems which aren’t don’t have mainstream support and fixes are no longer available.
Instil good password hygiene – create a unique password for each service you are using and avoid using passwords that are easy to recall or guess. Use a password manager to store passwords if you find them hard to remember – they will remember it for you.
Use Multi-Factor Authentication (MFA) where possible. MFA is when a user must provide two or more pieces of evidence to verify their identity to gain access to an app or digital resource – banks and online retailers use them.
Encrypt sensitive content – which converts information or data into a code to prevent unauthorized access.
Implement user awareness training so all your staff understand the importance of installing updates, know how to spot a phishing email and what to do if they are accidentally caught by one. From time to time, test staff awareness of potentially dangerous emails by undertaking a phishing test and use adverse findings to build awareness and confidence of staff in potentially harmful emails.
Keep on top of your housekeeping and ensure that accounts for staff and students that have left your school are disabled or deleted.
Ensure that staff and students are only given access to files and resources that are relevant to them. If you provide a colleague with access to everything, your school will be more vulnerable if their account is compromised.
Run regular vulnerability assessments on your network to identify any systems that are out of date
Use built-in security tools like Microsoft’s Secure Score, which gives a summary of your security position based on system configurations, user behaviour, and other security-related measurements. It represents the extent to which you have adopted security controls that can help offset the risk of breaches.
Ensure that you have secure, updated, back-up copies of contact details for parents. If this data is inaccessible or wiped in an attack, you can stay in touch and avoid potential safeguarding issues.
Carry out spot checks on the team, person or supplier responsible for managing your cybersecurity. If you are supported by a company, ensure that they have Cyber Essentials Plus or ISO 27001 certifications.
At NEBRC, we work to educate and inspire organisations to understand the importance of having strong cyber security.
For further advice on how to keep your school cyber safe contact a member of our team today at: firstname.lastname@example.org