‘Schools need to update their priorities to accommodate a hybrid learning future’

The education industry has been a top target for cyber criminals since the rise of remote learning. Just weeks ago, laptops issued to vulnerable children to support their remote learning were infected with a strain of malware linked to servers in Russia, and more recently 15 Nottinghamshire schools fell victim to a sophisticated cyber-attack that forced them to shut down their IT networks. Both served as a stark wake-up call for the education sector. 

The scale of this threat should not be news to those working in the industry, however. The Cyber Security Breaches Survey 2020 revealed that an alarming 59% of UK schools and education institutions reported a security breach or attack in the preceding 12 months, compared to 46% of businesses. The seriousness of this threat should not be underestimated, especially for independent schools, of which 60% admitted to having experienced a cyber-attack in the five years up to 2019 – before the pandemic even struck. 

The past year has pushed an already emerging trend toward hybrid learning into the mainstream. And even though students and staff are now back in school, it has never been more important for the education sector to make cyber security a priority when it comes to safeguarding students, as well as physical safety while on school grounds. 

Traditional mitigation techniques are not enough

Despite 98% of schools using antivirus software, and 99% using some form of firewall protection, attacks on education systems are continuing to prove successful and are becoming highly sophisticated. 

The most common attack method remains phishing. The tactic has proved fruitful for many years and relies on attackers constantly updating the false ‘hooks’ they use to dupe unsuspecting victims – perfect in the midst of a pandemic storm. One of the most common examples in the last 12 months has involved cybercriminals sending malicious links designed to look like those from popular video apps used for remote learning to trick unsuspecting victims.

As well as old attack types evolving, new methods have emerged that take advantage of the novelty of video conferencing systems. In particular ‘Zoom bombing’, whereby an uninvited user accesses a video call or online class – for example, a headteacher recently revealed cases of students from outside of his school Zoom-bombing his school’s online lessons. Such methods, although seemingly harmless in some cases, pose a serious threat to everyone’s privacy and run the risk of students being exposed to inappropriate materials.

Schools need to match the sophistication of the cyber world

Educational institutions must adopt a robust cyber security strategy that not only acknowledges traditional threats, but also addresses new, more sophisticated approaches that cybercriminals are leveraging. 

The recent school closures to accommodate the UK’s third lockdown have prompted encouraging developments to improve the sector’s security posture. The Department of Education (DfE) recently published a guide to cybersecurity best practice for remote learning and is now liaising directly with the NCSC and education institutions to share advice on avoiding cyberattacks and how to mitigate the consequences when they do occur. 

The DfE has also mandated that it will implement a formal plan for secure remote learning by September 2021. But in the meantime, education institutions must ensure students, as well as staff, are kept secure when working and learning from home. 

As a first port of call, IT teams across all levels of education can and should be implementing standard solutions to mitigate risks, such as securing VPNs and establishing a strong firewall and internet gateways to protect IT networks from attack, unauthorised access and malicious content. 

However, more can be done to negate a significant portion of the attacks we are seeing in today’s advanced cyber landscape. For example, education institutions should mandate basic cybersecurity awareness and training for all staff and students to raise awareness of good cybersecurity practices. This approach to mitigating cyber risks can also be useful for alleviating challenges caused by funding and budgetary issues. 

For those specifically tasked with ensuring IT security, solutions that secure and validate the identity of all their network users should be a priority. Identity access management, for instance, implements strong authentication and digital identification techniques to enable secure access and interactions for all staff and students.

Preparing for a hybrid learning future

The events of 2020 finally prompted a belated realisation of just how important cyber security is. Remote learning has been indispensable during lockdown and provided a powerful foundation for new channels of education, many of which are expected to remain prominent for hybrid learning methods post-pandemic. 

These innovations augur well for the future, but with every innovation comes an extended and more complex threat landscape. Many technology partners possess the expertise in hands-on security monitoring, cutting-edge threat intelligence, and secure, compliant hosting of sensitive data, to help education institutions adopt a robust approach to security that is tailored to the systems, tools and materials being used by pupils and staff.

Looking back on the last 12 months, we should be proud of the rapid advancements in online education we’ve seen. As we continue to adapt and deploy new technologies that support effective home learning, it’s critical that we continue to raise the awareness of students and staff around cyber security threats, so we can deliver a safe and secure cyber future for all those learning.