Over the past few months, educational institutions around the world – from elementary schools to colleges and universities – have been forced to embrace distance learning. It’s now estimated that 70% of students are currently doing some form of online education.
For many of these institutions, this digital transformation to distance learning was thrust upon them—regardless of whether they were ready or not. Schools are scrambling to not only build the content for their courses but also to build the distance learning infrastructure needed to ensure all of their faculty and students have remote access to this content. The challenge they face is how to do this at scale and do it securely.
Unfortunately, malicious actors and cybercriminals are fully aware that for many organizations, these are uncharted waters. Educational institutions have long been a target of adversaries. According to the 2019 Verizon Data Breach Report, education continues to be plagued by human errors, social engineering, and denial of service attacks. And these changes only compound these challenges.
The movement to distance learning has created additional risk for institutions and created potential opportunities for the adversary. These criminals are more motivated than ever to steal information, intellectual property, or simply be disruptive.
Securing the Learning Environment
There are several simple steps every educational institution needs to consider implementing if they desire to set up and maintain an effective distance learning environment while keeping their cyber adversaries at bay. These include:
Provide Strong Authentication: With advancements in hardware processing power, cracking passwords can be done in a matter of seconds, which is part of the reason why there are a ton of stolen credentials for sale on the dark web, with more being added every day. It is essential, therefore, to enforce strong password policies (i.e., complexity, length, and expiration), enforce account lockout after failed attempts to prevent password guessing, and leverage multi-factor authentication where possible to prevent the misuse of stolen passwords.
Protect Web Applications: Next to stealing credentials, exploiting vulnerabilities in applications is the easiest way for an attacker to breach your network. You must scan external sites for security flaws such as cross-site scripting errors and SQL injections. And it’s equally important to encrypt the traffic between your learning systems and your users, whether faculty, students, or administrators, so information can’t be stolen in transit. In addition, deploying a web application firewall (WAF) can protect web application servers and the infrastructure from attacks and breaches originating from the Internet and external networks.
Leverage Network Segmentation: Another way to secure your environment is to segment your internet-facing teaching applications from your other internal applications, such as your HR system. This way, if a breach or malware outbreak were to occur, the scope of impact will be limited.
Manage 3rd Party Risk: The third-party technologies that you use in your online learning environments can pose additional vulnerabilities and risk to your enterprise network. Whether it’s your learning management system or teleconferencing tools, regardless of whether they are hosted in the cloud or on-premises, you need to ensure you perform a thorough security assessment of the vendor and their products before introducing them into your network environment.
Monitor for Malicious or Unusual Activities: Organizations new to implementing distance learning will see a significant increase in devices and external network traffic connecting to their networks. The security staff needs to be aware of any unusual login attempts, unexplained large data transfers, or other behaviours that seem out of the norm.
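As an added illustration that is not part of the original article, the sketch below shows how the lockout and monitoring steps above could be checked against login and transfer events. The log format, the thresholds, and every name in it are assumptions chosen for the example, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events, not real logs: time, user, source IP, event, bytes sent
SAMPLE_LOG = """\
2020-05-04T08:00:01 jdoe 203.0.113.7 LOGIN_FAIL 0
2020-05-04T08:00:09 jdoe 203.0.113.7 LOGIN_FAIL 0
2020-05-04T08:00:15 jdoe 203.0.113.7 LOGIN_FAIL 0
2020-05-04T08:00:21 jdoe 203.0.113.7 LOGIN_FAIL 0
2020-05-04T08:00:30 jdoe 203.0.113.7 LOGIN_FAIL 0
2020-05-04T09:12:00 asmith 198.51.100.20 LOGIN_OK 0
2020-05-04T09:15:42 asmith 198.51.100.20 DOWNLOAD 48000
2020-05-04T23:40:00 asmith 192.0.2.99 LOGIN_OK 0
2020-05-04T23:41:30 asmith 192.0.2.99 DOWNLOAD 9500000
"""

MAX_FAILS = 5                        # assumed lockout threshold
FAIL_WINDOW = timedelta(minutes=10)  # assumed window for counting failed logins
TRANSFER_FACTOR = 20                 # assumed: flag transfers 20x the user's average

def parse(log):
    for line in log.strip().splitlines():
        ts, user, ip, event, size = line.split()
        yield datetime.fromisoformat(ts), user, ip, event, int(size)

def detect(log):
    alerts = []
    fails = defaultdict(list)      # user -> timestamps of recent failed logins
    known_ips = defaultdict(set)   # user -> source IPs seen on successful logins
    sizes = defaultdict(list)      # user -> sizes of earlier transfers
    for ts, user, ip, event, size in parse(log):
        if event == "LOGIN_FAIL":
            fails[user] = [t for t in fails[user] if ts - t <= FAIL_WINDOW] + [ts]
            if len(fails[user]) == MAX_FAILS:   # alert once, when the threshold is hit
                alerts.append(("lockout", user, ip))
        elif event == "LOGIN_OK":
            fails[user].clear()
            if known_ips[user] and ip not in known_ips[user]:
                alerts.append(("new_source", user, ip))
            known_ips[user].add(ip)
        elif event == "DOWNLOAD":
            if sizes[user] and size > TRANSFER_FACTOR * sum(sizes[user]) / len(sizes[user]):
                alerts.append(("large_transfer", user, ip))
            sizes[user].append(size)
    return alerts

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

In practice the same three checks would run in the institution's identity provider or log platform, with thresholds tuned to its own baseline.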
Knowledge is Power in Protecting against Adversaries
Similar to how we teach our kids to learn and memorize basic math facts to tackle more complicated math problems, we need to ensure that faculty, students, and staff understand the cyber security basics to ensure they remain safe. No online course is complete without having some form of cyber security education on the syllabus.
At a minimum, faculty, students, and staff should know how to:
Protect Their Passwords: Ensure individuals use strong passwords that are not obvious, like your birthday, or default passwords provided with devices. Never use the same password on multiple accounts and devices. And never share a password with anyone – even individuals claiming to be on the IT team.
Keep Their Devices Up To Date: Make sure devices and applications are updated with patches, and that any antivirus/malware software is current and operational.
Spot Social Engineering Attempts: Everyone should be taught how to spot attempts to steal personal and proprietary information via email (phishing), texting (smishing), and phone (vishing).
Be Wary of Public Networks: Many public places, such as cafes, hotels, and airports, offer free internet connections to jump online easily. However, while they are convenient, they may not be secured. In addition, cyber criminals will often spoof these sorts of networks. So it’s essential to check with the establishment to ensure the network is legitimate, and when possible, use a VPN connection to access or transmit data. To that end, it is essential that any distance learning tools – both the front end used by students and the back end used by teachers – support SSL VPN and strong authentication.
As we engage in distance learning, we need to ensure that we practice cyber distancing to protect ourselves from the adversary. Taking control by following these standard security practices is one of the best ways to effectively move us securely into this new distance learning norm.