Raising cybersecurity awareness among education professionals
“No one is immune to a breach of their sensitive data”
One consequence of stay-at-home orders due to Covid-19 was an en-masse transition to working from home. Many educators and students were forced to make quick adjustments without safe and reliable procedures or equipment.
As a result, 2020 was particularly severe for school hacks, exposing many people to identity theft and credit fraud, and forcing school closures.
If you are not a cybersecurity expert, it can be hard to understand the difference between an incident and a breach. Each results in implications for security, compliance, and the organisation’s reputation.
Yet it is critical for each employee and student to follow guidelines and rules to prevent a security crisis. So where is a good place to start learning about cybersecurity? Mailbird’s Carl Andre-Brown explains.
What is a security incident?
A security incident refers to an act of violation of any entity’s security standards and policies. Most often, sensitive data is at stake. Such an incident is classified as a data breach. However, some security incidents do not involve data.
For instance, if a hacker receives unauthorised access to your computer and mines cryptocurrency on it, this is considered a security incident but not a data breach.
Some security incidents are intended to disrupt the ordinary operations of servers, network hubs, or dedicated workstations. While sometimes they don’t seem that serious, security incidents always have a negative effect on the company or school’s reputation.
It is important to recognise any type of incident (data or otherwise) signals to everyone that your organisation is vulnerable. Any opportunities for unauthorised access, however minor, should be rectified as soon as possible.
Common types of security incidents
As cybersecurity attacks become more lucrative, hackers invent new ways in which to conduct them. As of now, the most common ways security incidents occur are:
Misuse of removable media: USB and SD cards, external hard drives, CDs, smartphones, and other portable devices are very convenient media for copying and transferring any information, including sensitive personal data.
Employees or students often take these devices out of the school, thus exposing the data to the possibility of theft. It’s important to never use an unfamiliar device or port for this reason.
Brute force: Brute-force methods (trying all possible combinations of letters, digits, and symbols to guess the credentials) have proven effective at breaching networks and computers because many passwords are not strong enough. This allows the attackers to steal personal data, compromise a website, or hijack an entire system.
Web: Many cybersecurity attacks are executed via web-based applications or websites. They prompt a user to download and install a supposedly legitimate script or software. For some malware, the user doesn’t even need to initiate the process.
This is called a drive-by download—a hack that exploits app and operation system security flaws. Users can unintentionally run malicious code just by browsing the web, for example, exposing themselves to a security incident without even noticing.
This kind of attack can paralyse a system, such as when a 16 year old student shut down the Miami school district with an attack last year.
Email: Inboxes are considered one of the weakest links in any security chain, especially personal email addresses.
Email-based security incidents most often involve malicious attachments, which users download to their PCs, or links that lead users to compromised websites.
Phishing attacks are unlawful requests for sensitive data via email. The IRS reported a phishing scam where hackers were impersonating them to acquire tax refunds and specifically targeting .edu email addresses.
Spam filtering has been an issue for Outlook users especially, which unfortunately is a preferred application for academic fields due to its compatibility with both Mac and Windows.
Policy abuse: Security incidents called “insider breaches” occur when an organisation’s acceptable usage or other security policies are violated or exploited by unauthorised users.
These users might be actual or former students or staff, or individuals outside the organisation.
Because they usually know all the ins and outs of the devices or software, such attacks are most difficult to detect and can be incredibly threatening for institutions.
Loss or theft of equipment: When a personal computer or other equipment containing sensitive information is lost or stolen, this is also regarded as a security incident.
Often, employees or students neglect standards and policies for hard-drive encryption, which causes severe complications if their PCs land in the wrong hands.
Cybersecurity first, always
No one is immune to a breach of their sensitive data. And cybersecurity risks are increasing each year.
To protect students and faculty, and minimise the risk of being attacked by hackers, organisations should invest in strong security protocols and maintain corporate standards.
All parties, in turn, should be given compliance training. This is essential for keeping teams educated about the risks of security incidents and equipped with the right toolset to react appropriately to possible threats.
Train regularly on the importance of password managers, phishing scams and how to spot suspicious activity online.
If you encounter a data breach or another type of a security incident, report it immediately and take the appropriate measures to counteract the consequences.
About the author: Carla Andre-Brown is a content marketer at Mailbird and teaches digital marketing and social media at British Colombia Institute of Technology.