Education sector ‘low hanging fruit’ for cyber criminals: expert
Posted Jan 28, 2025 05:50:32 AM.
Last Updated Jan 28, 2025 11:18:38 AM.
Back in 2022, the Waterloo Region District School Board (WRDSB) was hit with a cyberattack that compromised the personal information of then-current and former employees and the personal information of students was also accessed.
The board ended up paying the hackers an undisclosed sum to have that data deleted.
WRDSB wasn’t the first and certainly won’t be the last school board to be targeted by cybercriminals. In fact, trends are showing school boards are becoming an increasingly popular target, according to experts.
Dr. Ali Dehghantanha, University of Guelph professor, Canada Research Chair in Cybersecurity and Threat Intelligence was a guest on The Mike Farwell Show and said the education sector and the agri-food sector are the among most vulnerable because they have done a poor job implementing the policies and technology needed to protect sensitive information.
“I would say the first step is to conduct a vulnerability or security risk assessment. And, the second is that boards need to get a report, at least twice a year, on the current state of cybersecurity at other schools.”
Dehghantanha said the problem for school boards is a lack of guidance.
“Unfortunately, there are no security standards whatsoever that can help the school boards choose a vendor or which vendors are better, from a security point of view.”
He recommends school boards talk amongst themselves to share what is working or what isn’t. He said, when it comes to cybersecurity, there are two options:
“When I speak with the school boards I tell them either you invest that amount to improving your cybersecurity or you pay that ransomware. That’s your choice.”
