你正在做什么来保护你的实体免受网络犯罪?
Cyber-attacks and data breaches do not discriminate and it only takes one wrong click to exploit a vulnerability in your system. 不幸的是, due to the amount of sensitive information housed in the databases of educational institutions, 学校有更大的义务,不惜一切代价确保他们的网络得到保护. 此外,网络攻击可能会使你的网络几乎毫无用处, bad actors – those leading the attack – could gain access to and make off with critical data. 虽然数据盗窃已经够糟糕的了, failure to secure student data in accordance with the Family Educational Rights and Privacy Act (FERPA) can result in dire consequences to your school and your district.
你所在地区的数据安全吗?
作为一个教育机构, the community you serve has an expectation that school officials are not only in the business of education but of maintaining the safety of the children they serve. 家长们相信他们的学生在教室里是安全的, 多亏了技术的使用, 他们的数据是安全的,不会被那些想要伤害他们的人窃取. In short – safety in our schools is now assumed to go far beyond physical and mental wellbeing. Today, digital safety is a very real expectation and the public is now asking what their schools are doing to maintain the safety and security of all the data in their possession.
With the rise of online education – particularly resulting from impact COVID-19 has had on education– Windows PCs are competing with Google Chromebooks to become the go-to device the classroom. 根据2021年1月的公告, 微软表示, “超过2亿学生, faculty, 机构领导人, 教师积极使用微软教育产品.” Moreover, 自2020年9月起, the number of students using Microsoft Teams has reportedly increased by 30 million and the total number of students using the platform has risen to 100 million.
微软无疑在教育界取得了进展. 不幸的是, 这就是为什么最新的windows的安全漏洞, 打印的噩梦, 太可怕了. 即便如此,我们还是可以从《比较靠谱的赌博软件》中学到宝贵的经验. Notably, the security vulnerability demonstrates the importance of conducting a cybersecurity risk assessment in your district to determine where your vulnerabilities lie – a crucial first step to determine the best way to implement a district-wide cybersecurity and data protection strategy.
近距离观察印刷噩梦的威胁
打印的噩梦 allowed attackers to access the print spooler of targeted Windows workstations or servers, 这让他们有能力运行伪装成打印驱动程序的恶意代码. Knowing their victims would be unlikely to question the legitimacy of a print driver update, all the hacker had to do was wait for the fictitious print driver to be updated and installed. 安装完成后, the hacker gained the all-access pass they were looking for and could secure the credentials necessary to run wild on the organization’s network – gaining access to critical servers and data.
学校面临的问题
大家可以想象, “打印噩梦”严重损害了微软在市场上的声誉. 但影响还不止于此. 受此漏洞影响的个人组织也面临着后果. 作为政府资助的实体, 当公众的信心动摇时,学校被要求达到更高的标准, 要重新获得他们的信任可能很难. And then there’s FERPA and the Protection of Pupil Rights Amendment (PPRA) to contend with, 如果发现违规怎么办, 可能导致你所在的机构不再有资格获得U.S. 教育部拨款.
“While the Family Educational Rights and Privacy Act of 1974 (FERPA) does not require educational institutions to adopt specific security controls, 安全威胁可能对学生的隐私构成重大威胁,美国说。.S. 在教育部的安全网页上. “教育机构应采取适当措施,保护学生档案. 违反教育数据是很常见的,并可能导致违反FERPA, 以及给学生带来的一系列负面后果,如身份盗窃, fraud, 和敲诈勒索.”
The Fix
虽然不理想, there are two actions you can take now to protect your machine and network from 打印的噩梦. 您可以采取的第一个操作是关闭设备的打印假脱机程序.
这样做的缺点是用户将无法再从设备上打印. The second action you can take is to turn off incoming remote client connections to the print spooler on all devices. This specific solution will effectively add another layer of protection for your network, 但它不会阻止攻击发生在本地机器上. 此外, this method can’t be implemented on networks where a print server is being used as it will block printing to network printers except by IP address. Only printers that have been added locally to the machine by IP address will continue to function. 正如您所看到的,这两种解决方案都不太理想.
好消息是, however, 微软发布了稳定的更新流目标和, ultimately, 保护Windows设备免受打印噩梦漏洞. It is vital that you deploy all updates immediately to keep your devices safe if you have not already.
我们在战争中
网络攻击和数据泄露的威胁不太可能消失,而且它是有针对性的 all 设备——不仅仅是Windows. This means your entity must take proactive measures to win the war for complete control and protection of your data and network security. The first step is to partner with a team that’s not only knowledgeable about the specific challenges your organization faces but that can provide insight into your unique network vulnerabilities. A comprehensive risk assessment should be performed and gaps in your cybersecurity infrastructure should be closed immediately. Finally, work with your cyber team to develop a strategy that constantly monitors your network for vulnerabilities and immediate threats while accounts for regular updates of your security controls.
美国学校的网络威胁持续上升
自2016年起, K-12网络安全资源中心 追踪了全国K-12公立学校的1180起网络事件. 这些事件包括但不限于:
- Unauthorized disclosures, breaches, or hacks resulting in the disclosure of personal data
- Ransomware攻击
- 网络钓鱼攻击导致个人资料泄露
- 拒绝服务攻击
另外, in 2020, the education sector accounted for more than 60 percent of all reported cyber- attacks in the United States. 换句话说, the cyber threat is very real and it’s past time for district administrators to make cybersecurity a priority – particularly now that there is an increased need to secure remote environments and protect personal student and employee data in compliance with data privacy laws while accommodating the growing demand for remote education. 幸运的是,保护你的数据并不一定要耗尽你所在地区的资金. 例如,根据a OASBO最近发表的一篇文章 “可以批准资金用于网络安全技术和用户意识培训.”
需要指导? We Can Help
Rea & 员工的网络团队以数据为先, security-focused risk assessments designed to reinforce data integrity all levels while ensuring organizational compliance and maximum protection. The team can also help you secure the funding you need to secure maximum protection of your district’s network. If you would like to learn more about 打印的噩梦 or the steps you can take to secure your educational institution as a whole, contact our 网络安全专家 at Rea & Associates.
欲了解更多信息,请访问我们的网站 f5gb.776kingston.com/cybersecurity.
By 特拉维斯·斯特朗,CISA (伍斯特哦)