The Australian education sector faces the growing threat of cybercrime, with experts warning outdated cybersecurity leaves school data vulnerable to hackers.
In December 2022, 67 QUT students awoke to distressing news that a cyberattack on university servers had breached their personal and financial data.
It was later revealed that a staggering 11,405 staff members and students were affected by the breach, marking the first of many cyber attacks on the nation’s education sector in 2023.
According to the latest Annual Cyber Threat Report from the Australian Cyber Security Centre (ACSC), cyber-attacks are rising across the nation’s institutions, with the education sector seeing a shocking 17 per cent rise from 2021 – 2022, averaging 3,934 attacks per week in July 2022.
Ransomware, especially, has proven to be a problem for Australian schools, with a 2022 survey by Sophos finding that 60 per cent of higher and lower education providers suffered from ransomware attacks in 2021 compared to 44 per cent in 2020.
Higher education institutions were also the longest to recover from ransomware attacks. 40 per cent of universities reported taking at least one month to recover, with nine per cent taking more than three months – over double the average time for other sectors (four per cent).
Worryingly, of those schools that recover, few manage to restore all of the data completely. Only four per cent of victims who paid the ransom retrieved all their data last year, down from eight per cent in 2020.
Across all sectors, ASCS reported a staggering 76,000 cybercrime incidents last year, a 13 per cent increase from the previous financial year. With an alarming rate of one cybercrime report made every seven minutes, it’s clear the problem is only getting worse.
Why are schools being targeted?
Australian schools were already seeing a rise in cybercrime even before the national shift to remote learning in 2020 due to being often underfunded, underprepared, and outdated.
In his The State of Ransomware in Education 2022 report, principal research scientist at Sophos, Chester Wisniewski, found that schools are among the “hardest hit” by ransomware.
“They’re prime targets for attackers because of their overall lack of strong cybersecurity defences and the goldmine of personal data they hold,” he wrote.
The sensitive nature of the data held on school servers, including addresses, payroll information, and tax file numbers of staff, students, and families, makes these cyber attacks especially devastating.
“Considering the encrypted data is most likely confidential student records, the impact is far greater than what most industries would experience,” wrote Mr Wiseniewski.
“Even if a portion of the data is restored, there is no guarantee what data the attackers will return, and, even then, the damage is already done, further burdening the victimised schools with high recovery costs and sometimes even bankruptcy”.
With these digital attacks showing no sign of slowing down, Mr Wiseniewski warns schools that, when it comes to cybersecurity, the best offence is a good defence.
“Education institutions are less likely than others to detect in-progress attacks, which naturally leads to higher attack success and encryption rates”.
“The only way to get ahead is to prioritise building up anti-ransomware defences to identify and mitigate attacks before encryption is possible”.
What schools can do to protect their data
To stay one step ahead of these cyber-attacks and keep their data safe, schools can implement a number of cyber safety strategies to fend off attackers.
Stay informed
Cybercrime is rapidly evolving every day, with schools having to constantly combat new techniques, technologies and schemes used by hackers.
Keep up-to-date with the latest trends and best practices in school security. Attend conferences, read industry publications, and join online communities to stay informed on the latest developments.
Develop a comprehensive security plan
Create a security plan that covers all aspects of school security, including cyber security, physical security, and emergency management. Make sure you familiarise all staff members with the plan and set clear instructions on what to do in an emergency.
Train staff and students
Train staff members and students on the risks of using digital tools and platforms, best practices to stay safe online, and how to recognise and report cyber security threats.
Invest in security technology
Investing in security technology will help you detect and respond to security threats quickly and effectively. Look at using AI, machine learning, biometrics, and other cutting-edge technologies to boost your school’s security.
The Australian Cyber Security Centre (ACSC) Essential Eight
While no set of strategies is guaranteed to protect against all cyber threats, ACSC’s Essential Eight are highly recommended for anyone looking to beef up their cybersecurity. Including implementing application whitelisting, patching applications, patching operating systems and using multi-factor authentication; these strategies “make it much harder for adversaries to compromise systems”.