cybersecurity awarenessAs the 2024-2025 school year kicks off, parents are busy sending their children back to school armed with fresh notebooks, pencils, and lunch boxes. However, there’s one essential that many parents may not have considered: cybersecurity awareness.

While it might seem far-fetched, schools are increasingly at risk of cyberattacks. Cybercriminals target educational institutions just as much, if not more, than other organizations. In fact, attacks on schools and colleges nationwide surged by nearly 40% last school year alone.

At first glance, targeting schools might seem like a waste of time for cybercriminals. However, these attacks can yield a treasure trove of valuable data—data that can generate significant profit for bad actors.

Why Are Cybercriminals Hacking Schools?

Cybercriminals target educational institutions for several reasons:

Personal Data
Schools and colleges store large amounts of personal data that are attractive to cybercriminals, including Social Security numbers, birth dates, addresses, and health and financial records. Even if they can’t immediately exploit a child’s information, they can hold onto it for years and use it later.

Financial Gain
In addition to profiting from selling stolen data, cybercriminals deploy phishing and ransomware attacks to manipulate school personnel into revealing sensitive information or paying large sums to regain access to critical systems. With more schools relying on digital resources and technology, ransomware can severely disrupt operations, making schools more likely to pay the ransom.

Weak Network Security
Cybercriminals often target educational institutions because they can. Many schools operate on tight budgets, leaving them unable to invest in robust security measures. These institutions typically have numerous devices accessing their networks, each with varying levels of protection. Combined with users who may have little to no cybersecurity training, schools become prime targets for cyberattacks.

Defending Schools Against Cyber Attacks

Although the back-to-school season brings cybersecurity risks to the forefront, educational institutions are vulnerable year-round. Schools and colleges must prioritize investments in network security tools such as firewalls, encryption, and intrusion detection systems.

However, the human element is equally critical. Staff and students need training on cybersecurity best practices to identify and avoid threats. This includes recognizing phishing attempts, managing passwords securely, and understanding the importance of staying vigilant against potential security breaches.

Safeguarding Google Workspace From the Latest Cyber Threat

Google WorkspaceIf your organization relies on Google Workspace, it’s crucial to be aware of a recent cyber threat. Hackers discovered a vulnerability in Google’s email authentication process, allowing them to bypass it and create a fake Workspace profile by impersonating a company’s domain.

This vulnerability enabled bad actors to gain access to third-party services by using the “Sign in with Google” option. Fortunately, Google’s security teams fixed the issue within 72 hours and added additional protections to prevent further breaches. Only a few thousand accounts were affected, according to Google.

Enhancing Google Workspace Security

Although Google Workspace offers several built-in security features, users should enable specific settings to ensure full protection. One key feature is API controls, found under Security > Access and Data Controls. These controls let you manage which third-party apps can access sensitive information.

By limiting access to basic information, such as username and email address, for most apps, you reduce the risk of exposing critical data. For apps requiring deeper access, you can configure permissions individually. Monitoring third-party app sign-ins and investigating any suspicious activity can further protect your organization from breaches.

Cybersecurity is essential for both educational institutions and businesses alike. Staying informed and proactive can help defend against these ever-evolving threats. If you are a school administrator or on the school board, all of this may sound daunting. Integrated Technology Systems has the experience to assist with a plan to keep your school safe and to train your staff.

Integrated Technology Systems
6 East 45th Street, Suite 400
New York, NY 10017
212-750-5420
https://www.itsnyc.com