The coronavirus is giving hackers a golden opportunity. Here’s how to stop it.
Experts are tracking a huge increase in cyberattacks since the COVID-19 outbreak. For example, Barracuda Networks detected a 667% increase in the number of phishing emails. It’s a shame that hackers are using the coronavirus to try to trick people working from home into giving the hackers access to business networks. These people have dropped their guard during this crisis and hackers are very good at using fear and disinformation to make phishing attacks even more successful.
Systems are especially vulnerable at this time because many IT employees aren’t at work, or by necessity, they have focused their attention on supporting other technology needs. This is particularly true for K-12 IT teams who are now working to support the remote learning needs of their students and faculty. Already understaffed and underfunded, school district IT find themselves at a critical disadvantage to criminals.
3 Ways Hackers Can Take Advantage of a Crisis
Hackers are experts at exploiting uncertainty, fear, and doubt. The existing coronavirus pandemic is a perfect opportunity for hackers. Mistrust and misinformation is already grabbing attention around the world. Hackers can take advantage of that problem by creating “scareware” that targets people at their most vulnerable.
1. Shock and fear
Cybersecurity is often the last thing on someone’s mind, well, ever. But particularly during a crisis. The strain of staying at home while wanting to stay informed can make other concerns insignificant. Hackers are sending phishing emails that seem to provide information from the CDC, school districts, and other official sources that people open without thinking.
People who are working remotely are not only stressed by the crisis, but they’re isolated from coworkers and the people who could normally reinforce good cyber hygiene. This becomes an even bigger problem when people are using their own unmanaged devices to access school networks. They can create big problems if they download information to their own computers or phones where hackers can easily find it.
3. New technology
Hackers use the latest technology to do things like hide malware in video or audio links. It’s also very easy for a cybercriminal to create a fake website by cloning legitimate news websites, for example. The person landing on those fake sites will unintentionally download malware while trying to stay informed. Cybercriminals are perfecting their impersonation tactics. For example, a cybercrime forum is already advertising a COVID-19 phishing email kit.
4 Ways to Protect District Information Systems
The good news is that there are things you can do to help keep your student, faculty, and district data safe during this crisis.
1. Establish and reinforce policies and employee training
Now is the time when you can help teachers and students involved in remote learning to take a deep breath and think about how to protect themselves. You can use direct communication to warn your school community about the approaches hackers are using, and educate them on what to look for. Teachers can reinforce the issue during remote class sessions and encourage students to pass the information along to their parents.
2. Establish a Virtual Private Network (VPN)
At this critical time, the need for a VPN is even more important to protect your district data with a secure district network and internet connection. You need to make sure to patch your VPN servers regularly to avoid attacks that are increasing against unpatched systems. Hackers can also launch DDoS attacks on VPN services to overwhelm those systems and bring operations to a halt.
If you have a VPN, you will need to scan your logs to determine if hackers have compromised your VPN accounts. It’s fairly easy to detect if the use patterns have suddenly spiked.
3. Monitor account login and activity
When many people are logging into your systems remotely, you can increase security by monitoring login activity to spot account takeover attacks. Look for things such as many unsuccessful login attempts, multi-factor authentication checks that failed, and successful logins from suspicious locations. If you have no students overseas, for example, any login from outside of the U.S. should raise a red flag.
4. Recheck cloud app security settings
NIST and other experts recommend that you check cloud application security settings on a regular basis. If you haven’t done so recently, this would be an excellent time to run through a cloud application security audit. For example, if you haven’t implemented multi-factor authentication, you’ll want to do that to help secure cloud access during this crisis.
The coronavirus crisis has brought out the best in most of us. Unfortunately, it has also brought out the worst in cybercrime. School districts need to make sure they are fortifying their cybersecurity infrastructure during this uncertain and transitional time.
ManagedMethods wants to help district IT teams make sure their district data is secure. We’re offering school districts that use Google G Suite and/or Microsoft 365 free access to our cybersecurity and student safety monitoring platform through May 31. Learn more and request your free access today to get the most benefit out of this offer.