Being resilient against cybercrime – learnings from our latest focus on event.

Being prepared for, and protected against, a cyber-attack, is a key concern for school leaders, which is why our ‘Focus on cyber’ webinar is always so popular. Victoria Bott, Computing and Online Safety Teacher Consultant at Entrust, led our latest webinar at the beginning of March. She explained that schools are targeted by cyber criminals because they are data rich and tend to have weak systems in place compared to commercial organisations. The impact can be devastating, causing financial damage and mass disruption to recover from.

While you may realise that a cyber incident may affect your laptops and servers, it can also affect your whiteboards, online registers, door security systems, payment systems, children’s reports and teacher appraisals – and this is merely scratching the surface of what is at risk.

The types of cyber breaches you need to aware of

There are multiple ways cyber criminals can access your data or shut down your operations in the hope to cause maximum disruption or push you to pay a ransom.

• Virus, spyware or malware.
• Phishing attacks.
• Ransomware.
• Unauthorised accessing of files or networks by staff, pupils or outsiders.
• Impersonation of your organisation in emails or online.
• Actual or attempted hacking of online bank accounts.
• Denial of service attacks.

Schools are most likely to be targeted via phishing, others impersonating your organisation or through a virus, spyware or malware.

Cyber incidents can close your school

A cyber or ransomware attack could mean you have to close your school completely. Switching to remote learning may not be an option if the devices used by children and staff need to be taken in and scanned for viruses before being re-built. This takes time, and your cloud storages such as One Drive or Google Drive may also have been compromised.

If an incident happens during enrolment or during revision, mocks or exams it can have an even bigger impact. We know that schools are targeted at these times because cyber-criminals know this is when you may feel more pressured to pay a ransom to regain access to your data and systems.

Dealing with insider cyber threats

Insider threats can come from both staff and pupils. When a member of staff leaves employment at your school their access rights and passwords should be suspended immediately, not days or weeks later.

We have also seen an increase in pupils attacking schools, particularly through a denial-of-service attack. According to Cyber Security Schools Audit (2019) 20% of schools have reported that a pupil has been able to access parts of their network. If you spot any individuals who show a ‘talent’ in the area of cyber dependant crime you should refer them to the Cyber Choices programme as stated in Keeping Children Safe in Education 2022. The average age of referral of a cyber-criminal has reduced from 17 in 2019 to 15 in 2022, and gaming hacks start from the age of 8. The youngest cyber-criminal referral in the UK was 12 years old.

Upholding your risk management responsibilities

The Keeping Children Safe in Education guidelines state that: “Education settings are directly responsible for ensuring they have the appropriate level of security protection procedures in place, in order to safeguard their systems, staff and learners, and review the effectiveness of these procedures periodically to keep up to date with evolving cyber-crime technologies.”

Article 5 of the UK GDPR requires that personal data shall be; “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.”

To uphold these responsibilities, you need to ensure you have thorough risk management in place. This should include at least two of the following:

• A cyber security policy or strategy.
• Adherence to cyber essentials.
• Risk assessments.
• Cyber insurance.
• Cyber security vulnerability audits.
• An incident or cyber response plan.
• Management of suppliers or supply chain cyber risks.

There are free schemes available that can you further advice and support such as the Cyber Information Sharing Partnership and Early Warning Service from the National Cyber Security Centre and the Police Cyber Alarm.

Join our full cyber training course

Our full-day cyber courses are designed to give you more time to explore cyber risks and the preventive measures you can take.   The next event is on 25th April and can be booked by clicking here or by emailing information@entrust-ed.co.uk.

The next free introduction webinar for governors called Governing Body Role in Cyber Security course is being held on 16th May. You can register by clicking here.  The next free introduction for head teachers and senior leaders  is also on the 16th May and can be booked by clicking here.

We also provide phishing simulation software to help test your staff and improve their awareness of phishing. To find out more about the support we offer and other sessions we have planned in our ‘Focus on’ series, please contact us.