Cyber attacks are one of the biggest threats that schools face, experts have warned, as new figures show that a fifth of education establishments have been hit.
Hackers see teachers and parents as a “soft target” since they are often ill-equipped to deal with cyber thefts, while sensitive data held by schools – such as children’s medical records – are lucrative on the dark web.
Malware and phishing are the most popular types of attacks, according to research commissioned by Ecclesiastical, a specialist insurer for educational establishments.
Faith Parish, the education director at Ecclesiastical, said: “Schools hold interesting information and often quite sensitive information. That means they are a target.
Ms Parish said that cyber attacks are one of the biggest threats facing schools, especially as it has implications for safeguarding children.
In 2017, personal details belonging to millions of teachers, pupils and parents who use Edmodo, the ‘Facebook for schools’ application, were reportedly on sale on the dark web.
Stephen Burke, the founder and CEO of the organisation Cyber Risk Aware, said that schools are an “extremely easy target” for hackers. “You are seeing a lot of identity fraud now where children’s name and details are used to make official documents,” he said.
Jen Persson, director of the campaign group Defend Digital Me, has urged the Department for Education to issue guidance for schools on how to keep their data safe.
“Schools use cloud services and outsource the pupil’s personal data management to all sorts of third parties and apps – no one has oversight of it so it is hard to keep it secure,” she said.
Last year, the Independent Schools’ Bursars Association (ISBA), which supports senior management staff in more than 1,000 schools, said the issue of cyber attacks had become more than an “isolated incident”.
High fees and poor online security make private schools attractive to fraudsters. David Woodgate, chief executive of the ISBA, said he was concerned that the fraudsters were always “one step ahead” and could become more sophisticated in their approach.
Department for Education spokesperson said: “Schools are directly responsible for the security of all digital information they collate, store and retain. We issue guidance to schools on protecting data but any schools with any concerns should contact their IT service provider”
Ray Brogden, COO of Qualifi, Ofqual, The CCEA and QiW regulated Awarding Organisation would like to point out to the wider sector i.e. schools, colleges, independent training providers and employers that Qualifi has a fundable Level 2 Cyber Security qualification and will shortly make available both a Level 3 and Level 4 qualification (which will be entitlement funded as well as Advanced Learner Loan recognised). For further information please visit the Qualifi website at www.qualifi.net. Cybersecurity or rather, lack of is a growing concern among many employers. Cybersecurity represents an industry in growth with many skills shortage vacancies, your students could be training to fill those vacancies.