Defending schools and school children from cyberattacks

By Tanium

Alvin Tan, Regional Vice President of Tanium shares the challenges and next steps for securing the tech in education.

Hackers attacked 63 schools and digital education systems in Buffalo, USA during the Covid-19 pandemic, infecting systems with ransomware. Teachers’ computers had been frozen, with hackers demanding money in exchange for their release, reported NBC.

Education systems are increasingly targeted by cyberattacks, and the growth of home-based learning and use of devices hasn’t helped. School systems must also naturally stay open to allow students to gain access. But with this openness comes risk.

Alvin Tan, Regional Vice President of Tanium, explains why education systems are vulnerable to cyberattacks. He also shares how greater cyber education and a consistent security platform across devices can help address these challenges.

Schools as “hopping points”

Schools tend to be more vulnerable as their network is “porous” by design, says Tan. Their networks have to provide wider access to accommodate the many students and teachers accessing online education.

This makes schools ideal “hopping points” for hackers. Adopting schools’ IP addresses allows hackers to disguise themselves when they attack more secure targets, such as banks and government agencies.

The next steps for protecting schools

There are more than 300,000 laptops, desktops and servers distributed to schools across Singapore, he estimates. Each of these can be connected to the education ministry’s - or even the whole government’s - wider network. This poses a lot of risk for school devices.

A next step for the schools could be to adopt a single cybersecurity platform across these educational devices. This would ensure a consistent security programme across a wide range of laptops, desktops and servers, enabling them to receive the latest security updates as they are released. This allows schools to carry out proactive threat hunting and rapid incident response.

Tanium’s security platform can act as a search engine, providing a risk assessment of any device that is connected to a network. It also allows cybersecurity teams to search for critical information that helps guard against threats, Tan explained previously.

In addition to devices owned by the schools or the Ministry of Education, schools should also ensure that devices they provide to students have a pre-installed cybersecurity software that lasts four or six years. Having a long-lasting security programme ensures protection throughout a student's education journey.

While some see Apple products as more secure, students may be drawn to Windows devices because of their flexibility, Tan says. Unbeknownst to many, Windows devices already contain security software such as Defender AV, Applocker and Bitlocker, and capabilities such as attack surface reduction, but these are often inactive by default.

Tanium can help to activate these softwares in order for the devices to meet schools’ security requirements, he adds.

Encouraging cyber hygiene

Another challenge for school cybersecurity is ensuring security compliance among users. This is particularly difficult among young students and families. “Some of them may want to follow but don't know how,” Tan says.

Cybersecurity relies on educating the user, he notes. Improving understanding among students and families will help reduce opportunities for hackers to gain access.

Cybersecurity training in schools should be a “constant education” rather than a one-off session, he emphasises. Potential topics could be what to do when encountering a website that seems suspicious, or the best ways to remain vigilant when playing online games.

Children are the future, and part of their responsibility is to understand the risks that lie ahead. While digital education continues to grow, cybersecurity platforms and protective software can assist in ensuring that hackers are kept out of the classroom.