What Are You Doing To Protect Your Entity From Cybercrime?
网络攻击和数据泄露是一视同仁的,只要一个错误的点击就可以利用你系统中的漏洞. Unfortunately, 由于教育机构数据库中存有大量敏感信息, schools have a greater obligation to ensure their networks are protected at all costs. In addition to cyberattacks that could render your network virtually useless, 不良行为者——那些领导攻击的人——可以访问并带走关键数据. And while data theft is bad enough, 未能按照《比较靠谱的赌博软件》(FERPA)保护学生数据可能会给你的学校和学区带来可怕的后果.
Is Your District’s Data Safe?
As an educational institution, 你所服务的社区期望学校官员不仅要教育,还要维护他们所服务的孩子的安全. Parents trust that their students are safe in the classroom and, thanks to increased technology usage, that their data is secure and protected from those who intend to do harm. 简而言之,我们学校的安全现在被认为远远超出了身心健康的范畴. Today, 数字安全是一个非常现实的期望,公众现在问他们的学校正在做些什么来维护他们拥有的所有数据的安全.
随着在线教育的兴起,特别是由于新冠肺炎对教育的影响,Windows pc正在与谷歌chromebook竞争,成为课堂上的首选设备. According to a January 2021 announcement, Microsoft stated that, “more than 200 million students, faculty, institutional leaders, and teachers are actively using Microsoft Education products.” Moreover, since September 2020, 据报道,使用微软Teams的学生人数增加了3000万,使用该平台的学生总数已上升至1亿.
Microsoft has certainly made gains among the education community. Unfortunately, this is why the latest Window’s security vulnerability, Print Nightmare, is so terrifying. Even so, there are valuable lessons to be learned from Print Nightmare. Notably, 安全漏洞显示了在您所在地区进行网络安全风险评估以确定漏洞所在的重要性,这是确定实施全区网络安全和数据保护战略的最佳方式的关键第一步.
A Closer Look At Print Nightmare The Threat
打印噩梦允许攻击者访问目标Windows工作站或服务器的打印假脱机程序, which gave them the ability to run malicious code disguised as a print driver. 知道他们的受害者不太可能质疑打印驱动程序更新的合法性, 黑客所要做的就是等待虚拟的打印驱动程序被更新和安装. Once installed, 黑客获得了他们正在寻找的所有访问权限,并且可以获得在组织网络上肆意运行所需的凭证-获得对关键服务器和数据的访问权限.
The Problem Facing Schools
As you can imagine, “打印噩梦”严重损害了微软在市场上的声誉. But the fallout doesn’t stop there. Individual organizations affected by this exploit are also facing repercussions. As government-funded entities, schools are held to higher standards and when the public’s confidence is shaken, it can be difficult to regain their trust. 然后是FERPA和保护学生权利修正案(PPRA), which if non-compliance is found, could result in your institution no longer being eligible for U.S. Department of Education funds.
“虽然1974年的《比较靠谱的赌博软件》(FERPA)没有要求教育机构采取具体的安全控制措施, security threats can pose a significant risk for student privacy,” states the U.S. Department of Education on its security webpage. “Educational institutions should take appropriate steps to safeguard student records. Breaches of educational data are common and can lead to a violation of FERPA, as well as to a host of negative consequences for students such as identity theft, fraud, and extortion.”
The Fix
Albeit not ideal, 现在你可以采取两项行动来保护你的机器和网络免受“打印噩梦”的侵害. The first action you can take is to turn off the device’s print spooler.
The downside here is that the user will no longer be able to print from the device. 您可以采取的第二个操作是关闭所有设备上到打印假脱机程序的传入远程客户端连接. This specific solution will effectively add another layer of protection for your network, but it will not stop the attack from occurring on the local machine. Furthermore, 这种方法不能在正在使用打印服务器的网络上实现,因为它会阻止除IP地址外的网络打印机的打印. 只有通过IP地址在本地添加到机器上的打印机才能继续工作. As you can see, both of these solutions are less than ideal.
The good news, however, Microsoft released a steady stream of updates to target and, ultimately, protect Windows devices from the Print Nightmare vulnerability. 这是至关重要的,你立即部署所有更新,以确保您的设备安全,如果你还没有.
We Are At War
Threats of cyber-attacks and data breaches are unlikely to go away, and it’s targeting all devices – not just Windows. 这意味着您的实体必须采取积极主动的措施来赢得完全控制和保护您的数据和网络安全的战争. 第一步是与一个团队合作,这个团队不仅了解您的组织面临的具体挑战,而且可以洞察您独特的网络漏洞. 应该进行全面的风险评估,并立即关闭网络安全基础设施中的漏洞. Finally, 与你的网络团队合作,制定一个持续监控网络漏洞和即时威胁的策略,同时定期更新你的安全控制.
Cyber Threats In America’s Schools Continue To Rise
Since 2016, the K-12 Cybersecurity Resource Center has tracked 1,180 cyber incidents within the nation’s K-12 public schools. These incidents include, but are not limited to:
- 未经授权的泄露、破坏或黑客攻击导致个人数据泄露
- Ransomware attacks
- Phishing attacks resulting in the disclosure of personal data
- Denial-of-service attacks
Additionally, in 2020, 在美国报告的所有网络攻击中,教育部门占了60%以上. In other words, 网络威胁是非常真实的,地区管理者早就应该把网络安全作为优先事项了——尤其是现在,在适应日益增长的远程教育需求的同时,越来越需要保护远程环境,保护学生和员工的个人数据,遵守数据隐私法. Fortunately, protecting your data doesn’t have to wipe out your district’s coffers. For example, according to a recent article published by OASBO, “funding can be approved for cybersecurity technologies and user awareness training.”
Need Guidance? We Can Help
Rea & Associates’ cyber team performs data-first, 以安全为重点的风险评估,旨在加强所有级别的数据完整性,同时确保组织合规性和最大程度的保护. 该团队也可以帮助您获得所需的资金,以确保您地区网路得到最大程度的保护. 如果你想了解更多关于印刷噩梦或你可以采取的步骤,以确保你的教育机构作为一个整体, contact our cybersecurity experts at Rea & Associates.
For additional insight, check out our website at mlboje.azarnewsonline.com/cybersecurity.
By Travis Strong, CISA (Wooster, OH)