Education Sector Continues to be Targeted in Cyber-Attacks

According to the FBI, cyber-attacks against schools have become more common. This assessment is supported by the number of incident reports received by the NJCCIC from education sector organizations across the State. As educational institutions increasingly integrate technology to store student and faculty information, and provide educational services, they remain prime targets for cyber-attacks. Several recent incidents forced schools to discontinue use of their online services, such as email, or dismiss classes altogether. Cyber-attacks have the greatest impact when the schools are ill-prepared, exacerbating the length and cost of remediation efforts. Recent incidents in the education sector include three July 2019 ransomware attacks against Syracuse City School District, Northwest Indian College, and Monroe College. In addition to ransomware, educational institutions are often targeted in denial-of-service attacks meant to render services inaccessible and in phishing campaigns used to scam victims or provide access to sensitive data. The NJCCIC recommends cybersecurity personnel in the education sector employ a defense-in-depth cybersecurity strategy that includes, but is not limited to: optimal network segmentation, a comprehensive data backup plan, following the Principle of Least Privilege, cybersecurity awareness training, endpoint protection, multi-factor authentication for user accounts, and continuous network monitoring. Users and administrators are encouraged to review the NJCCIC threat analysis product, “Education Sector: An Attractive Target for Cyber-Attacks,” the Associated Press article on the targeting of schools, and the FBI’s September 2018 Public Service Announcement.