LIP122021 - Page 28

28 LONGISLANDPRESS.COM • DECEMBER 2021 TECH INSIGHTS HOW LONG ISLAND SCHOOLS CAN PROTECT THEMSELVES AGAINST CYBERATTACKS Cyberattacks against school systems, including the widely reported one in Manhasset in November, are a major problem that have increased since Covid-19 enabled hackers to take advantage of vulnerabilities. School systems that have been attacked by hackers and other bad actors (BAs) are often forced to spend money on repairs, upgrades and when they’re the victims of ransomware attacks. Vendors often oversize solutions for clients in K-12 by proposing sophisticated security-event incident monitoring and security operations centers that are designed for big companies, not schools. Tom Franson, vice president of support services at Custom Computer Specialists, recently spoke with us about the threat posed to school systems by cyberattacks and what schools can do to protect themselves. Why are school systems increasingly the targets of cyberattacks? BAs typically seek out targets of opportunity. That is, there are very simple and readily available tools that allow BAs to scan a very broad spectrum of potential targets and identify those with the weakest defenses. Public school systems tend to move slower than the private sector in deploying newer security technologies. What role did the pandemic have on this trend? The pandemic pushed public schools into a distance learning posture abruptly. In many cases, devices and remote connection methods were quickly deployed to meet the emerging need without undergoing proper security review in advance. Poorly protected, older machines with out-of-date operating systems/patching were a major issue. What makes schools and school districts specifically so vulnerable to hackers? School districts tend to have a broad cross section of Personally Identifiable Information (PII) in a variety of systems and locations. If BAs are able to gain initial entry, they typically will look to escalate their privileges and gain access to data stores that contain PII. PII is the data that holds value for resale and ransom purposes. What are the hackers typically after when they attack schools and school districts? Money is the primary driver and PII is usually the lever. Distributed denial of service attacks are often acts of vandalism and, in many cases, undertaken by students to disrupt the school day. They often coincide with major test dates. What kinds of attacks against schools and school systems are most common? Most attacks have been using ransomware over the past 24 months or so. Prior to that, we were seeing more business email compromise attacks. Ransomware is the dominant attack mode now especially for public sector clients because it provides an opportunity to collect a ransom. What should school districts be doing to make themselves less vulnerable? Get connected with a reputable information technology (IT) vendor. Look for certifications from ISACA (CISA, CISM) and ISC2 (CISSP, HCISPP, SSCP). Ask what frameworks they use and how that maps to your environment. Beware of vendors who lead with the solution. What should a school or school district do if it has become the victim of a cyberattack? Contact a reputable provider to assist with recovery immediately. Time is of the essence and important decisions must be made within the first 12 hours. Ask for references from your provider. What can Custom Computer Specialists do to make school systems less vulnerable? Number one is by limiting your attack surface. We make you a smaller, tougher target by using a variety of tactics, configuration changes and tools. We want the Photo courtesy of Getty Images BAs to look at your environment and conclude that it’s too much work. You don’t have to outrun the bear. You just have to outrun your neighboring district. Custom Computer Specialists is proud to sponsor Tech Insights. Since 1979, Custom has been dedicated to providing Long Island’s schools, local government agencies, healthcare facilities and businesses with advanced technology solutions and support. To learn more about Custom Computer, or to be considered for a future Tech Insights, please email info@customtech.com. SOCIAL MEDIA Success Begins Here. Get Started Today! (800) 598-8989 Tom Franson info@customonline.com /LONGISLANDPRESS.COM link link link link