Schools are becoming increasingly attractive targets for hackers. The pandemic may have played a role, as many schools had to move their operations online, but the main issue is that schools store large volumes of sensitive data that can easily be exploited by scammers and other criminals.
Throughout 2022, education/research was the most attacked sector in the UK, with a weekly average of 2,653 attacks, an increase of 237% from 2021, new research has found.
The UK government Cyber Security Breaches Survey 2022 finds that primary schools are close to the typical business in terms of how many identified breaches or attacks. Secondary schools were much more likely to identify breaches or attacks and are closer to large businesses in this regard (72% of large businesses identify breaches or attacks, as covered in the main Statistical Release). Of all educational institutions surveyed, further education colleges (88%) and higher education colleagues (92%) were most likely to identify breaches or attacks.
Vice Society is one of the threat actors that targeted educational institutions in the UK and the US in 2022, according to Infosecurity magazine. When schools refused to pay ransom, they leaked confidential data, including children's SEN information, pupil passport scans, staff pay scales and contract details.
In the US, The FBI, CISA and the MS-ISAC have issued a joint advisory to instruct IT administrators in the education sectors on how to defend against Vice Society ransomware attacks.
But a question arises: should parents and students rely only on authorities to protect their data and privacy?
1. Set strong passwords for their accounts
Weak passwords serve as open doors to online accounts. You have two options: create strong, unique passwords and remember them, or use a Password Manager that generates unhackable passwords and stores them for you. In either case, strong passwords and multi-factor authentication are the basics for safe accounts.
2. Use a VPN when connecting to the school's wifi network
Encrypting your traffic forms the extra layer of protection you need when you connect to public wi-fi. The best thing about using Bitdefender VPN, for example, is that one subscription lets you activate it on up to 10 devices, keeping all your online identities and activities safe from hackers.
3. Stay on top of breaches with Digital Identity Protection
Digital Identity Protection monitors, detects and alerts you about your exposed information on the web, but also in places you can’t easily get on your own – such as the Dark Web. It only needs your email address and phone number to crawl data leaked from breaches to see if your information was exposed. You get to know your breach history, see your digital footprint (or your child's) and receive alerts when involved in a new breach.