close icon
Home Page
Products

Products

PAM logo
Privileged Access Management
PEM logo
Endpoint Privilege Management
PPA logo
Automation
Industries

Industries

school_line
Education
bank_line
Finance
government_line
Government and Defence
hospital_line
Healthcare
computer_line
IT Operations
settings_5_line
Industrial Control Systems
briefcase_line
Legal
store_2_line
Retail
Partners

Partners

Resellers and Distributors
Partner marketing support
Partner opportunity
Resources

Resources

tool_line
Free Tools
bookmark_line
Blog
file_search_line
Case Studies
usb_line
PAM Integrations
video_line
Videos
Webinars
paper_line
White Papers
book_2_line
Osirium University
news_line
Documentation
Company

Company

IDcard_line
About
news_line
News & Events
Team
Investor Hub
Software reviews gold medal
See the report
search_3_line
BOOK A DEMO
All posts
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
30
January 2023

Education a target for ransomware in 2023

Andy Harris

Ransom attack threat for schools as new trust networks grow

Educational establishments, especially higher education, face considerable complexity when it comes to IT infrastructure. Multiple locations, dozens of suppliers, partners, thousands of staff, tens of thousands of students make security a huge challenge for their IT teams.

But it’s not just the large universities that are face the big challenges.  There’s an increasing push for schools to join multi-academy trusts which could make them a prime target for ransomware attacks this year, with the whole education sector remaining vulnerable.

‘Hyper-networks’ at risk

That’s my concern. Why? In terms of schools, those joining these often newly-extended ‘hyper-networks’ are becoming more connected, increasing the attack surface and making them significantly more vulnerable.

Ransomware will always go where the maximum reward and minimum risk is. Attackers will target organisations that have the lowest defences, or the least resources to defend against or recover from an attack, as they’re most likely to pay a ransom.

So, educational organisations need to have the resilience or capabilities to protect against attacks. They may have no choice but to re-allocate their stretched budgets to pay ransom demands which, in turn, will affect their teaching.

It appears that the drive towards multi-academy trusts could accelerate soon, with the national schools commissioner recently saying: “every school ideally should be part of a multi-academy trust in due course.” So, it’s one to keep an eye on.

Is the whole education sector vulnerable?

Education is already the sector most likely to be targeted by a malware, cryptojacking or encrypted attack, according to SonicWall’s 2022 Cyber Threat Report.

The National Cyber Security Centre (NCSC) launched an investigation in 2021 after an “increased number of ransomware attacks” against UK schools, colleges and universities.

And I believe the education sector may be hit hard again this year. It would fit part of a trend I’m expecting towards smaller scale attacks, for lower amounts of money, but which target a much broader base.

There are many mid-size organisations, like some education providers, who have less to invest in protection, limited technical skills, and find cyber insurance expensive. This unfortunate mix makes them easy targets.

Treating local network like dark web

Over the years we’ve come across exceptional people in education and health, dedicated to their organisations, who can clearly see the vulnerabilities and issues of genuinely huge networks with the ethos of unfettered access and minimal policing of policies.  This is the environment that drives both learning and innovation.  

The principles or Zero Trust are in play here, effectively the local network must be treated as if it were directed plugged into the dark web.  Each system should protect itself.  And in particular, IT teams need to protect the privileged accounts they need to administer services.

The non-student laptop estate needs to have the kind of endpoint management that allows freedom of software installation and development – but without the standing local administrator rights that are oxygen to Ransomware.

What about higher education?

Universities can be hard to protect, compared to some organisations, and are susceptible to attack. That’s because they try to balance openness and a culture of sharing information with security. Back-office systems have often evolved over decades.

A member of the Russell Group of universities came to us for support last year over concerns with its Active Directory (AD) infrastructure. Too many users with Domain Admin role (the ideal target for attackers), coupled with poor controls over admin credentials had created risk. In fact, before it had managed to get a solution in place the university was attacked. This “woke up” management to the dangers, according to its cyber security manager, who told us: “Looking back, we should have just enforced PAM in the first place.”

What else might trouble education providers?

A likely problem for all organisations, including the education sector, is the rising cost of cyber insurance. And, on top of that, increasingly heavy requirements from insurers will make it harder to obtain a policy only.

How can Osirium help?

We already support numerous higher education providers and other organisations in the sector with our Privileged Access Security solutions. Want to find out more? Contact us here.

Further reading:

Reading University Case Study

Leading Uni Case Study

How Privileged Access Security Addresses Cyber Insurance Requirements

‍

Related Topics

Education
Manager
Ransomware
all posts
Top
Home Page
cyber essentials certified badge
Industries
EducationFinanceGovernment and DefenceHealthcareIT OperationsIndustrial Control SystemsLegalRetail
Company
AboutTeamBoard of DirectorsInvestor HubJob Opportunities
Resources
Free ToolsBlogPAM IntegrationsVideosWebinarsWhitepapersDatasheetsDocumentationCase Studies
Support
Support PortalOsirium University
© 2023 OSIRIUM. All rights reserved.
AccessibilityPrivacy PolicyEULATerms of ServiceSitemap