Could Your School Survive A Data Breach?

What Are You Doing To Protect Your Entity From Cybercrime?

网络攻击和数据泄露不会区别对待,只需要一次错误的点击就可以利用系统中的漏洞. Unfortunately, 因为教育机构的数据库中储存了大量敏感信息, schools have a greater obligation to ensure their networks are protected at all costs. In addition to cyberattacks that could render your network virtually useless, 那些领导攻击的坏人可以获得并带走关键数据. And while data theft is bad enough, 未能按照家庭教育权利和隐私法(FERPA)保护学生数据可能会给你的学校和你的学区带来可怕的后果.

Is Your District’s Data Safe?

As an educational institution, 你们所服务的社区期望学校官员不仅从事教育工作,而且还要维护他们所服务的儿童的安全. Parents trust that their students are safe in the classroom and, thanks to increased technology usage, that their data is secure and protected from those who intend to do harm. 简而言之,我们学校的安全现在被认为远远超出了身体和心理健康. Today, 数字安全是一个非常现实的期望,公众现在问他们的学校在做什么来维护他们所拥有的所有数据的安全.

随着在线教育的兴起——尤其是COVID-19对教育的影响——Windows pc正在与谷歌chromebook竞争,成为教室里的必备设备. According to a January 2021 announcement, Microsoft stated that, “more than 200 million students, faculty, institutional leaders, and teachers are actively using Microsoft Education products.” Moreover, since September 2020, 据报道,使用微软团队的学生人数增加了3000万,使用该平台的学生总数已上升到1亿.

anonymous figure behind computer blue cyber data ohio cpa firm

Microsoft has certainly made gains among the education community. Unfortunately, this is why the latest Window’s security vulnerability, Print Nightmare, is so terrifying. Even so, there are valuable lessons to be learned from Print Nightmare. Notably, 安全漏洞说明在贵地区进行网络安全风险评估的重要性,以确定贵地区的漏洞所在——这是确定实施地区网络安全和数据保护策略的最佳方式的关键第一步.

A Closer Look At Print Nightmare The Threat

打印噩梦允许攻击者访问目标Windows工作站或服务器的打印假脱机程序, which gave them the ability to run malicious code disguised as a print driver. 知道他们的受害者不太可能质疑打印驱动程序更新的合法性, 黑客所要做的就是等待虚拟的打印驱动程序被更新和安装. Once installed, 黑客获得了他们正在寻找的所有访问通行证,并可以确保在该组织的网络上疯狂运行所需的凭证——获得了访问关键服务器和数据的权限.

The Problem Facing Schools

As you can imagine, “打印噩梦”已经严重损害了微软在市场上的声誉. But the fallout doesn’t stop there. Individual organizations affected by this exploit are also facing repercussions. As government-funded entities, schools are held to higher standards and when the public’s confidence is shaken, it can be difficult to regain their trust. 然后还有FERPA和保护学生权利修正案(PPRA)要对付, which if non-compliance is found, could result in your institution no longer being eligible for U.S. Department of Education funds.

“虽然1974年的家庭教育权利和隐私权法案(FERPA)没有要求教育机构采取特定的安全控制措施, security threats can pose a significant risk for student privacy,” states the U.S. Department of Education on its security webpage. “Educational institutions should take appropriate steps to safeguard student records. Breaches of educational data are common and can lead to a violation of FERPA, as well as to a host of negative consequences for students such as identity theft, fraud, and extortion.”

The Fix

Albeit not ideal, 您现在可以采取两种行动来保护您的机器和网络免受Print Nightmare的伤害. The first action you can take is to turn off the device’s print spooler.

The downside here is that the user will no longer be able to print from the device. 可以采取的第二个操作是关闭所有设备上到打印假脱机程序的传入远程客户机连接. This specific solution will effectively add another layer of protection for your network, but it will not stop the attack from occurring on the local machine. Furthermore, 这种方法不能在使用打印服务器的网络上实现,因为它会阻止打印到网络打印机,除非通过IP地址. 只有通过IP地址本地添加到机器上的打印机才能继续工作. As you can see, both of these solutions are less than ideal.

The good news, however, Microsoft released a steady stream of updates to target and, ultimately, protect Windows devices from the Print Nightmare vulnerability. 如果您还没有部署所有更新,那么立即部署所有更新以确保您的设备安全是至关重要的.

We Are At War

Threats of cyber-attacks and data breaches are unlikely to go away, and it’s targeting all devices – not just Windows. 这意味着你的实体必须采取积极的措施来赢得完全控制和保护你的数据和网络安全的战争. 第一步是与不仅了解组织所面临的具体挑战,而且能够深入了解您独特的网络漏洞的团队合作. 应进行全面的风险评估,并应立即关闭网络安全基础设施中的漏洞. Finally, 与您的网络团队一起开发一个策略,不断监控您的网络的漏洞和即时威胁,同时帐户定期更新您的安全控制.

Cyber Threats In America’s Schools Continue To Rise

Since 2016, the K-12 Cybersecurity Resource Center has tracked 1,180 cyber incidents within the nation’s K-12 public schools. These incidents include, but are not limited to:

  • 未经授权的披露、破坏或黑客攻击导致个人数据的泄露
  • Ransomware attacks
  • Phishing attacks resulting in the disclosure of personal data
  • Denial-of-service attacks

Additionally, in 2020, 在美国报告的所有网络攻击中,教育部门占60%以上. In other words, 网络威胁是实实在在的,它过去的时间区管理员优先考虑网络安全——尤其是现在有一个需要增加安全远程环境和保护个人的学生和职员数据按照数据隐私法,同时适应远程教育日益增长的需求. Fortunately, protecting your data doesn’t have to wipe out your district’s coffers. For example, according to a recent article published by OASBO, “funding can be approved for cybersecurity technologies and user awareness training.”

Need Guidance? We Can Help

Rea & Associates’ cyber team performs data-first, 以安全为重点的风险评估,旨在加强所有级别的数据完整性,同时确保组织遵从性和最大程度的保护. 这个小组也可以帮助你获得你所需要的资金,以最大限度地保护你的地区网络. 如果你想了解更多关于印刷噩梦或步骤,你可以采取,以确保你的教育机构作为一个整体, contact Shawn Richardson, cybersecurity expert at Rea & Associates.

For additional insight, check out our website at www.oxfordfilmfreak.com/cybersecurity.

By: Shawn Richardson, Principal (Wooster)