On December 10, 2020, the Joint Cybersecurity Advisory (coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC)) issued a major “Cybersecurity Advisory” to the K-12 community. This advisory reports that cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance learning services. Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year.
These issues will be particularly challenging for K-12 schools that face resource limitations. Educational leadership, information technology personnel, and security personnel will need to balance this risk when determining their cybersecurity investments. As you review this Advisory, K-12 schools should be thinking about how they are protecting their students online and verifying they have the proper CyberSecurity controls in place. It is not good enough to just have the basics of firewall protection, anti-virus and endpoint protection and anti-malware controls. Now, we need to have Enterprise class Backup and Disaster Recovery solutions (to protect against RansomWare), Security Awareness trainging for all staff and even students, proper use of Video Conference controls and security and how to best beat Social Engineering attempts.
The Advisory document lists a series of Best Practices at the end of the document. For further information, contact your BNMC representative or reach out to us to discuss how to better protect your school or business.