Educational targets affected by the increase in cyber attacks in 2021

Educational institutions are on track for a record year of ransomware attacks in 2021, with K-12 schools being the primary targets. While contributing to better academic outcomes, successful one-device-per-student and learning-anywhere programs have broadened the attack surface for cyber threats of all kinds.

Bad actors prioritize elementary schools because they are underfunded when it comes to cybersecurity staff and systems, and administrators are often eager to put attacks behind them and resume classes.

According to Sophos’ The State of Ransomware in Education 2021, the typical educational institution pays an average ransom of $ 112,435 to recover data and get networks up and running again. Additionally, malicious actors encrypt the personal identities and financial data of students, parents, and administrators in ransomware attacks, sometimes threatening to publicly disclose this data to further push victims into paying the ransom.

Crucial information on cyber threats for education also comes from an Absolute Software report “21/22 Endpoint Risk Report: Education Edition” which found that the total number of devices deployed in K-12 environments has increased. 74% from 2019 to 2020.

Absolute’s research is remarkable because it quantifies how disruption caused by digital learning, including the adoption of new technologies, has opened up new attack vectors for bad actors and cybercriminals.

Another fascinating aspect of the study is how school district IT and cybersecurity teams are drawn in multiple directions as they strive to secure the identities of their students, teachers, and administrators. Digital learning needs self-healing endpoints to scale globally, and protecting edge-based endpoints is just the first step.

Secure terminals save school networks

The Absolute study clearly shows that one device per student strategies are a challenge for IT teams.

Funding for learning programs from anywhere by federal, state and local governments has worked, according to school district CIOs with whom VentureBeat spoke. Funds were immediately allocated to at-risk children who did not have internet access or devices at home to stay connected with their schools.

In many cases, Google’s Chromebooks have dominated the adoption of new devices. CIOs told VentureBeat that the ability to lock down selective Chromebooks that are risky endpoints is a must-have feature as their online student population grows.

Meanwhile, devices of all kinds can challenge admins, especially if devices are overloaded with apps. Overloading terminals with too much software makes them less secure.

A typical school device has 5.4 security checks per device, including VPN, antivirus, and anti-malware, compared to 11.7 security apps per device on a typical corporate device. Endpoints in schools and businesses are already cluttered with conflicts and degradation of software clients that make endpoints vulnerable. Conflicting endpoints make IT management and audits particularly difficult.

Beyond antivirus applications

Each new application deployed on a device increases the risk that it will be the victim of cyberthreats. In short, endpoints continue to be weakened by too many conflicting software agents, ineffective anti-virus applications, and long-outdated operating system patches.

The Absolute study found that only 53% of antivirus apps work effectively today, and nearly a third of educational devices studied contained sensitive data. Almost 50% host social security data and 39% contain protected health information.

The Absolute report shows that the success of the anywhere learning strategies and other initiatives that dominate the IT and cybersecurity spending of educational institutions hinges on gaining visibility and insight. ‘Complete control over all student and staff devices. The Absolute study quantifies how far distance learning is distributed geographically and how particularly vulnerable devices are when they are outside of a school network.

Truly self-healing terminals are the solution to this challenge. The most reliable, scalable, and persistent self-healing endpoints provide continuous visibility, control, and intelligence across devices, data, and applications.

Absolute’s approach of being integrated into the firmware of over half a billion Windows devices and upgradeable to Chrome OS and iOS has been proven successful in educational institutions around the world.

“In this new digital reality, the endpoint is now the edge and the primary attack surface for cybercriminals is actually in the hands of students and staff,” said Christy Wyatt, President and CEO of Absolute Software at VentureBeat. “The ability to see, manage and protect every end device, as well as the data and applications on those devices, is critical to ensuring that students and staff stay safe, connected and productive, no matter where they are. where physical learning takes place, ”she said. continued.

Absolute’s study accurately captures the complexity and urgency of the challenges facing IT and cybersecurity teams to ensure that learning initiatives from anywhere can continue to serve students, educators, and administrators. Additionally, CIOs in school districts that VentureBeat spoke to said unified endpoint management platforms must hold the promise of greater visibility and control, as IT teams will need to provide audits as part of next year’s budgeting process.