Recently, parents at a private school in Newcastle were sent a very convincing phishing email purporting to be from the school offering a 20% discount for fees paid by bitcoin. While it’s not clear if any parents fell for the ruse, it’s indicative of why private schools make an attractive target for online crime. The challenges that fee paying schools now face in keeping data safe and secure are escalating. You can read the full media article here.
The Information Commissioner’s Office (ICO) said other schools had been targeted and it was investigating.
Figures released last year showed that one of the biggest threats that schools now face is cyber crime and that around a fifth of all education establishments in the UK have been hit. Schools have mainly seen ransomware and malware attacks but hackers are looking for any opportunity where they can exploit the organisation.
Parent, teacher and pupil private data commands a strong price on the dark web.
The Independent Schools’ Bursars Association has acknowledged that cyber attacks are more than isolated incidents and the combination of high fees and poor online security practices make an attractive target for fraudsters.
To many schools this may sound daunting but in reality it doesn’t have to be that way and it won’t require an expensive overhaul of IT systems to put in place strong measures to mitigate the risks of cyber attack.
Net-Defence’s specialist team works closely with schools across the country, advising them on practical measures that can be taken to prevent cyber attacks and provide the necessary protection for data.
This takes two forms, technical resilience and human behaviour. The team undertakes evaluation and testing of systems to ensure that they are operating with appropriate security measures. They also work with schools to introduce effective data management and handling procedures for staff and pupils to minimise the risks that occurs from ‘human factors’. You can operate the most state of the art technical security systems in place but if a member of staff or pupil decides to insert a contaminated pen drive into the network, or allow an unqualified stranger into the building, it could render it all worthless. So as much as a solid foundation of secure systems is vital, ensuring that effective day to day processes and regular testing are in place and understood by all is fundamental.
What can you do about it?
Net-Defence works with many private schools to give them the confidence and peace of mind that they are properly protected from security attack and operate robust procedures for data management.
The team also deliver board and management governance workshops, provide consultancy to enable schools to achieve Cyber Essentials Plus, the Government digital resilience standard, ensure IT systems are secure and have effective Business Continuity Plans, as well as online protection for high profile families. If you would like to discuss any aspect of this for your school, contact our team for an obligation free discussion.
Net-Defence supports businesses and third sectors clients throughout the UK including several private schools, and has a specialist team for online protection of high profile individuals. We are engaged by law enforcement agencies in the UK and US.