Why malware could be a threat to your school

Why malware could be a threat to your school

The end of the school break can be a challenging time for schools’ cybersecurity management.

For example, many students and staff are now returning to school with devices that have been infected with malware from compromised sites they have been browsing in their own time during the break.

To provide some further insights into these risks, and how they can be averted, Malwarebytes Labs released its quarterly Malwarebytes Labs Cybercrime Tactics and Techniques report.

The report, which provides insights and statistics gathered from April through June 2018, includes telemetry data from both consumer and business products, which are deployed across millions of machines worldwide.

It found that schools are often the first to see malware threats emerge because of the way students and staff behave. For example, both students and staff bring in multiple connected devices from home and use them across the schools network, putting them at risk of numerous malware infections.

The majority of detections are from often-overlooked types of Malware such as Adware, which slow down computers and take up screen space. Data shows that Riskware at 2,266 detections, Adware at 1,957 detections and Hijacker at 1,793 detections have been some of the most common threats for students this quarter in Australia.

Jim Cook, regional director, Australia and New Zealand, Malwarebytes said cybercriminals actively target sites where students commonly browse – and they are often legitimate sites.

“A common way to infect one of these sites is through the ads, which get served up from a different, less secure source, an occurrence which is reflected by this quarter’s data,” Cook said.

“As the cyber threat landscape evolves, there is a need for schools to understand cybercriminals’ tactics, and ensure their security is capable of keeping their staff and students protected.”

Below, Malwarebytes’ shares its top tips for schools to consider when protecting themselves and their students from malware attacks:

  • Invest in an endpoint security solution that uses multiple layers to protect staff and students whether they are working within a secure environment or not.  Protection of PC, Mac, IOS and Android devices is critical,
  • Monitor and categorize all IoT devices on the campus. Flagging new or unknown devices can help restrict the many threats that may occur in an educational environment and consistent vigilance from a centralized system will help to identify and remedy risks as they occur anywhere on the network, 
  • Segregate your network so that staff devices, student devices and unmanaged IoT devices are on separate VLANs.  That way if an infection does occur it’s won’t spread as far or as fast,
  • Automate remediation to free up IT time and offer proactive education to students and staff who use IoT connected BYODs on campus.
  • Always back up your important information.