CrowdStrike’s Matt LeMiere on Why Schools Are Failing Cybersecurity

Cybercriminals have long considered schools a soft target and a recent article on GovCybersecurityHub explores the reasons why and what schools can do about it. The article includes an interview with Matt LeMiere, CrowdStrike director of SLED (state, local and education) West, in which he delves into the increase in cyberattacks targeting U.S. schools and offers recommendations for fortifying their defenses.

The article begins by recounting some recent attacks against K-12 schools on both U.S. coasts to illustrate this growing threat. LeMiere explains that not only are attacks increasing, they are aimed at all types of educational institutions, from K-12 to colleges and universities.

Why Schools Are Targeted and Attacker Objectives

Le Miere addresses why educational entities are being targeted, explaining, “They’re considered a softer or easier target. Many of the K-12 schools and districts don’t have full-time staff that are responsible for cybersecurity and are dedicated to protecting them. Oftentimes, these schools and districts are strapped for cash and they don’t have the funding. The limited funding that they do have goes towards their core mission — the education of children.”

He also cites what he sees as a “knowledge gap” in many schools because those tasked with cybersecurity must often wear multiple hats. “With so many hats and jobs they have to perform, they’re spread thin and overworked, which can make cybersecurity an afterthought,” he warns.

Ransomware Attacks Are the Most Prevalent

The growth of ransomware attacks against schools has mirrored an increase in these attacks across virtually all industry and government sectors. For K-12 schools, LeMiere says, ransomware attackers will threaten to shut down the school if the ransom isn’t paid.

He describes how disruptive and serious these attacks can be: “Schools could have their cafeterias or payment processing systems impacted, making it impossible to sell students meals. In many cases, teachers may not be able to access their lesson plans and educational materials, making it difficult to teach their students that day’s lessons. Finally, with the advent of smarter, more connected, and more automated buildings and devices, things like door locks can be compromised, making it difficult for schools to protect their students.”

In ransomware attacks against higher education, the goal is often to obtain the university’s “crown jewels,” such as valuable research or information on provost or alumni donors, where there is a greater opportunity for a large payout, LeMiere says.

Balancing Academic Freedom and Cybersecurity

LeMiere also comments on the difficulty universities and colleges face in balancing academic freedom against the need to protect access to valuable systems and assets. These institutions “want to make sure that they’re protecting the school while still allowing professors and students to freely work across the internet. It’s a fine line that they have to walk and a topic that comes up in many conversations that I have with colleges and universities as I travel across the country,” he says.

Another issue higher education encounters is lack of funding for cybersecurity resources. LeMiere says that many of the colleges and universities he visits are trying to monitor and protect networks that have as many as 20,000 users and 200,000 devices. “Trying to control and monitor all of that with a small crew is virtually impossible. And that makes them particularly susceptible.”

What Can Schools Do?

LeMiere recommends several steps K-12 schools and higher education institutions can take to improve their cybersecurity capabilities and fortify their defenses against an attack, including:

• Educate your population: Staff, faculty and students need to be aware of scams that can be used to target schools — including spear-phishing attacks — so they know how to identify them and understand the damage they can inflict.
• Partner with a technology company that can help you: Schools choose a technology company that can educate them on the threat landscape and the adversaries that may be targeting them, in addition to helping them clean up their network environment and establish a solid cybersecurity baseline.
• Embrace new solutions: An effective technology partner will work with you to identify solutions that are easy to deploy and manage, and that won’t burden limited school resources. It’s also important that a partner understands the school’s goals, knows its security playbooks and is able to help establish appropriate and effective defenses.

In closing, LeMiere stresses how important it is for schools, colleges and universities to increase their focus on cybersecurity. “We need to get all schools to start taking cybersecurity as seriously as physical security and ramping up their defenses accordingly.”

Additional Resources

• Read the entire article on govcybersecurityhub.com.
• Learn how the CrowdStrike Falcon® platform protects schools and other public sector organizations.
• Test CrowdStrike next-gen AV for yourself. Start your free trial of Falcon Prevent™ today.