The Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Cybersecurity and Infrastructure Security Agency (CISA) have teamed up to target malicious cyberattacks on preschoolers through 12th and educational institutions.

They found that threats to K-12 schools included distributed denial of service attacks, malware, ransomware, and video conferencing interruptions. To have a deep understanding of these threats, read the white paper jointly authored by the CISA, FBI, and MS-ISAC.

These issues will be particularly challenging for K-12 schools facing resource constraints. Therefore, education managers, IT and security personnel must weigh this risk when determining their investments in cybersecurity.

How to protect your district:

In their white paper, the CISA, FBI, and MS-ISAC recommend that districts take additional action against cyber threats.

Plans and Guidelines:

Evaluate or develop upgrade plans, security policies, consumer contracts, and business continuity plans to ensure they address today's cyber threats.

Networking Best Practices:

• Patch operating systems, software, and firmware as manufacturers update.

• Review the configurations for each version of the education asset management operating system to avoid issues that local users may not be able to fix due to disabled local government.

• Change passwords for network systems and accounts regularly, and prevent passwords for different accounts from being reused.

• Use multi-factor authentication whenever possible.

• Disable unused remote / RDP ports and check remote access / RDP protocols.

• Implement application and remote access to only run applications that are permitted by systems and that are known and permitted by established security guidelines.

• Check user accounts with administrator rights and configure access controls with the least privilege in mind.

• Check the logs to make sure new accounts are legitimate.

• Look for open or listening ports and broadcast the ones you don't need.

• Recognize critical components, such as server databases and distance learning infrastructure. Make a backup of these systems and remember the offline backups of the network.

• Perform network segmentation. Do not keep sensitive data on the same server and network segment.

• Specify that antivirus and antimalware solutions are updated automatically; perform regular scans.

User Awareness-- Best Practices:

• Focus on awareness and training. By targeting end-users, employees and students are made aware of threats - such as ransomware and phishing - and how they are deployed. In addition, consumers are educated about information security policies and methods, as well as about new cybersecurity risks and vulnerabilities in general.

• Make sure employees know who to contact if they see suspicious activity or think they have been a victim of a cyber-attack. This ensures that a well-established mitigation strategy can be deployed quickly and efficiently.

• Monitor privacy settings and information available on social networks.

Ransomware - Best Practices:

• Regularly back up data, air holes, and passwords for offline backups.

• Always prepare a recovery plan to manage numerous copies of delicate or proprietary data and servers in a specific, physically, and secure location.

• Report ransomware cases to your local FBI office

• Make sure you sign up with a service provider who can detect abnormal traffic flows and forward traffic from your network.

• If an incident occurs, partner with your local ISP and work with your ISP to monitor the network traffic attacking your network during an incident.

• To block unauthorized IP addresses configure network firewalls.

Best Practices regarding the Refusal of Service:

• Remember to sign up for an outage service that detects abnormal traffic flows and directs traffic from your network.

• Before an event occurs, partner with your local internet service provider (ISP) and work with your ISP to monitor network traffic that attacks your network during an event.

Best Practices for Video Conferencing:

• Make sure participants use the latest version of remote access/dating apps.

• Request passwords to access the session.

• Encourage students not to give passwords or meeting codes.

• Establish a check-in process to identify participants on arrival, e.g. B. in a waiting room.

• Set policies that require participants to log in using real names instead of aliases.

• Make sure that only the host commands are used to share the screen.

• Implement a policy to prevent participants from entering the rooms before the host arrives and leaving the host before all participants leave.