How Schools Can Defend Against Growing Cyber Threats
by Will Knehr
As we approach American Education Week, we celebrate the dedication of educators and the power of learning. But in today’s increasingly digital landscape, schools and universities face unprecedented challenges. Cyber threats have evolved beyond traditional hacking, and educational institutions—often rich with data but constrained by limited budgets—are prime targets. In 2024, attackers are using sophisticated tools, from AI-driven deepfakes to ransomware, making cybersecurity a critical focus for schools across the country.
Emerging Cybersecurity Threats in Education
It’s no surprise that schools are appealing targets. They house extensive amounts of sensitive information, from student records to financial details, yet often lack the advanced cybersecurity defenses of corporations. Cybercriminals know this and are exploiting it. Between 2016 and 2022, U.S. schools experienced over 1,300 documented cyber incidents, with the highest numbers reported in recent years (see https://www.k12six.org/map). As attacks become more sophisticated, the need for stronger defenses has never been more urgent.
AI-Driven Attacks and Deepfakes
A growing threat in the educational space is the use of artificial intelligence. Cybercriminals have begun leveraging AI tools to create realistic deepfakes, which aren’t limited to video—audio deepfakes are also becoming alarmingly accurate. With just a few voice samples, attackers can simulate the voice of a school official, parent, or administrator. Often, these voice clips can be scraped from public sources like social media, voicemail greetings, or online presentations. In one recent incident, a deepfake voice impersonating a school administrator was used to authorize fraudulent financial transfers. This kind of deception shows just how powerful these AI tools can be when wielded maliciously.
Schools also face unique challenges from within. Students, especially in today’s tech-savvy environment, may experiment with hacking tools or social engineering tactics. While some of this behavior is harmless curiosity, it can expose serious vulnerabilities. According to the Cybersecurity and Infrastructure Security Agency (CISA), more than 30% of breaches in educational institutions stem from internal actors, including students. Teaching students about the importance of responsible online behavior is essential, not just to protect the institution, but to instill good digital citizenship.
Ransomware Attacks
Ransomware remains another persistent threat to schools. Attackers view educational institutions as lucrative targets because they are often willing to pay ransoms to regain access to critical systems and data. A recent study found that nearly 75% of schools hit by ransomware chose to pay, with the average incident costing $1.3 million in recovery expenses. The cost and urgency of restoring access push many schools into compliance with attackers’ demands, further incentivizing cybercriminals to target the sector.
Phishing Attacks
Phishing, a tried-and-true method of attack, has also taken on new dimensions in education. With AI-assisted language models, phishing emails are becoming harder to spot, as they now adapt language and phrasing to appear more authentic. EDUCAUSE reported that in 2023 alone, 67% of educational institutions experienced an uptick in phishing incidents, a trend likely to continue as AI amplifies these social engineering tactics. In some cases, phishing emails are paired with deepfake audio, making fraudulent calls appear legitimate and coaxing employees into compromising actions.
Best Practices for Cyber Defense in Education
Given the gravity of these threats, educational institutions must take proactive steps to secure their systems and data. Implementing multi-factor authentication (MFA) is one of the simplest yet most effective ways to prevent unauthorized access, especially with the widespread use of multiple devices by students and staff. MFA ensures that even if a password is compromised, an attacker can’t easily breach the system.
Regular cybersecurity training for staff and students is also vital. Training should go beyond standard protocols, addressing AI-driven threats like deepfake recognition and phishing. Schools that invest in cybersecurity education have seen a 40% reduction in phishing incidents, proving that knowledge is a key defense.
For high-stakes interactions, it’s wise to establish out-of-band verification procedures. When sensitive or unusual requests come through—especially those involving financial transactions—confirming these requests through a secondary, independent communication channel, such as a callback, can effectively thwart deepfake scams. Unique passphrases and unexpected verification questions, like asking about an office detail only a true colleague would know, can also help determine if the person on the other end is who they claim to be.
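The callback rule described above can be written down as a simple decision routine. The following is an added example, not part of the original article: the directory, the dollar threshold, and all field names are assumptions made for illustration. It shows the point that matters most in practice: the callback number comes from an independently maintained directory, never from the request itself.

```python
from dataclasses import dataclass

# Constructed staff directory, maintained separately from any incoming message.
DIRECTORY = {
    "principal@school.example": "+1-555-0100",
    "bursar@school.example": "+1-555-0101",
}
CALLBACK_THRESHOLD = 1000  # assumed policy: this amount or more needs a callback


@dataclass
class Request:
    requester: str                # identity the message claims
    inbound_channel: str          # "email", "phone", "voicemail", ...
    amount: float
    new_payee: bool               # payee or bank details not seen before
    contact_in_request: str = ""  # number the message asks staff to call


def verification_plan(req: Request) -> dict:
    """Decide whether to hold a request and which number to call back."""
    known_number = DIRECTORY.get(req.requester)
    if known_number is None:
        return {"action": "reject", "reason": "requester not in directory"}

    if req.amount < CALLBACK_THRESHOLD and not req.new_payee:
        return {"action": "proceed", "reason": "below threshold, known payee"}

    warnings = []
    # A number supplied inside the request is controlled by whoever sent it.
    if req.contact_in_request and req.contact_in_request != known_number:
        warnings.append("request supplies a callback number not in the directory")
    # A familiar voice on an inbound call or voicemail is not proof of identity.
    if req.inbound_channel in ("phone", "voicemail"):
        warnings.append("end the inbound call and dial the directory number")

    return {
        "action": "hold_for_callback",
        "call_number": known_number,  # always the directory entry
        "warnings": warnings,
    }
```
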
Advanced threat detection tools are another line of defense. AI-driven monitoring systems can spot anomalies in network behavior, alerting IT teams to potential attacks before they escalate.
Limiting access to sensitive information is equally important. With many cyber breaches originating internally, whether from curious students or unintentional staff actions, ensuring that only essential personnel can access sensitive data can mitigate risks.
Conclusion
As technology continues to shape the educational experience, it’s crucial that schools adapt their cybersecurity measures accordingly. By taking proactive cybersecurity measures, including using verification protocols, educating users on AI-driven threats, and building a multi-layered defense, educational institutions can create a safe space for students and staff to thrive without fear of digital intrusion.