The poor state of cybersecurity in K-12 schools is making it too easy for criminals to conduct cyberattacks. As recent cybersecurity reports show, attacks are coming thick and fast. Action is needed to shore up security and keep cybercriminals at bay.
Cyberattacks on K-12 Schools Have Been Increasing Since 2018
Education has long been one of industries most commonly targeted by cybercriminals and there has been a marked increase in attacks since 2018, when several major cyberattacks on K12 schools resulted in data theft and huge financial losses.
The 2018 State of K-12 Cybersecurity report from the K12 Cybersecurity Resource Center revealed 122 cyberattacks on K-12 schools were reported in 2018. 119 public K-12 education agencies in 38 states reported attacks. 60% of those cyberattacks resulted in the personal data of students being compromised.
North Dakota schools were hit particularly hard. In February 2018, one third of schools in the state experienced malware attacks. In many cases, the malware infections were the result of staff and students clicking on links in emails, visiting malicious websites, or opening malware-laced email attachments.
The 2019 State of Malware report from Malwarebytes reveals that in 2018, education was the number one industry targeted with Trojans and was second for ransomware attacks. Business email compromise scams are also common and many K12 school districts suffered W-2 phishing attacks and were fooled into sending scammers copies of employees’ tax information.
There have also been several successful email scams that have resulted in staff being fooled into making fraudulent transfers of school funds to criminals’ accounts. A school district in Texas was scammed out of $2 million in construction funds as a result of a phishing attack that fooled a staff member into making payments to fraudulent accounts. The high number of these types of scams prompted the FBI to issue a warning to schools in September 2018 about phishing scams that attempt to steal employees’ credentials.
K-12 schools are an attractive target for cybercriminals because attacks are relatively easy and the potential rewards are high. Student information sells for big bucks on the black market. Personal information along with Social Security numbers can be used for identity theft. It typically takes longer for identity theft to be detected with minors. If student data are stolen, thieves can rack up huge debts in students’ names over the course of several years before fraud is detected.
The State of Cybersecurity in K-12 Schools
Even though the risk of cyberattacks is high, many school leaders fail to appreciate the seriousness of the problem and how even simple changes to improve cybersecurity in K-12 schools can prevent most cyberattacks.
A Consortium for School Networking/Education Week Research Center survey in late 2017 showed that only 48% of school leaders considered the threat from phishing to be significant or very significant, with the numbers falling to under 30% for malware and ransomware attacks. Only 15% of K-12 schools have implemented a cybersecurity plan, just 29% have purchased cybersecurity products and services, and 31% had not provided end-user training.
The high value of student data, the opportunity to conduct multiple types of fraud, and poor cybersecurity defenses is a winning combination for cybercriminals. Unfortunately, there is no single solution that can be implemented to improve cybersecurity and prevent costly cyberattacks and data breaches. What is needed is an effective cybersecurity plan, policies and procedures, training, and technology.
How to Improve Cybersecurity in K-12 Schools
School budgets are usually stretched so it can be difficult to find the funds to improve cybersecurity in K-12 schools. It is therefore important to choose cybersecurity solutions wisely and select products that provide protection against the most common methods used by cybercriminals to attack schools.
Many of the attacks start with a single phishing email. It is therefore critical for K12 schools to improve email security, and for that, an advanced spam filtering solution is essential. SpamTitan blocks more than 99.9% of spam and phishing emails and is an ideal, low-cost, easy-to-implement spam filtering solution for K12 schools.
A web filtering solution is also an important cybersecurity measure. In addition to blocking students’ access to obscene content, as required for CIPA compliance, web filters can prevent users from visiting phishing websites and will block ransomware and malware downloads. The cost of a web filter can be partially offset by discounts obtained through the E-Rate program.
End user training is also important. K12 schools need to include cybersecurity awareness training as part of their staff development program. Rather than providing a one-off or annual training session, training needs to be conducted regularly to keep staff up to speed on the latest threats.
Doing nothing to improve cybersecurity in K-12 schools is now simply not an option. If costly cyberattacks are to be avoided, is not improved, cybersecurity in K-12 schools must be improved.
If you want to find out more about email and web security and just how affordable these solutions can be for schools, contact the TitanHQ team today.
Businesses that want to start content filtering have a choice: A DNS filter or appliance, but which is best? In this post we explain the benefits of DNS filtering over on-premise solutions.
Traditionally, businesses that wanted to restrict Internet access and block web-based threats would purchase a physical appliance through which all internet traffic would flow. The appliance would be installed on-premise and controls would be applied to cover anyone connected to the network. The appliance would prevent employees and guest users from accessing certain types of web content, block malicious traffic, and ensure malware is not downloaded onto endpoints.
Today, businesses have a choice. They can purchase a physical appliance or they can install a virtual appliance. A virtual appliance performs the same functions as a physical appliance, but it is software-based solution that is installed on existing hardware. This means it is not necessary to purchase any hardware and businesses can save money. In this article we will treat physical and virtual appliances as one.
Another alternative is a DNS filter. A DNS filter requires no hardware purchases or software downloads. The filter works at the DNS level and all filtering takes place in the cloud.
Both types of content filtering solutions allow businesses to prevent users from accessing malicious websites when connected to the network and restrict the types of content that can be accessed.
DNS Filter or Appliance?
If you are unsure whether to opt for a DNS filter or appliance, consider the following benefits of DNS filtering over appliances.
No costly appliance to purchase and quick and easy filtering
Appliances can be costly and they need to be ordered, delivered, and installed. That means the IT team will need to be on site to complete the install. The hardware will also need to be maintained. With a DNS filter deployment is quick and easy. Simply point the DNS to the service provider and you can be up and running in minutes.
Avoid scalability issues
An appliance can be used for a limited number of users. If the business grows or if more devices need to connect the internet, it may be necessary to upgrade the appliance or buy multiple appliances. Similarly, if the number of users falls, you will be left with an expensive appliance that is surplus to requirements. With a DNS filter, you just pay for the number of users and can scale up and down as necessary.
Appliances require content to be downloaded
With an appliance the filtering takes place on the appliance itself, which means any malicious content must be accessed and downloaded before it is blocked. A connection must be made to a malicious site before any filtering takes place, however briefly. Further, since content is downloaded, that has an impact on bandwidth. With a DNS filter, the filtering takes place at the DNS level before a connection to a site is established which means threats are eliminated before any malicious code reaches the perimeter. A DNS filter can also block command and control center callbacks and data exfiltration attempts and protects all ports and protocols, not just port 53.
DNS filters inspect SSL traffic using the service providers resources
Most websites are now SSL enabled, which means web traffic must be decrypted, inspected, then re-encrypted. That requires a lot of processing power which can have a negative impact on end users. During heavy usage, slow downs are inevitable and CPU usage can be intensive. With a cloud-based DNS filter, the service provider performs the processing and, regardless of traffic volume, the user experience is the same.
DNS Filters make it easy to filter at multiple locations
If you buy an appliance, protecting remote workers and satellite offices is a problem. You need to backhaul traffic to the location where the appliance is located, so regional offices and remote workers will have slower internet speeds. With a DNS filter, it is possible to filter in multiple locations and to protect remote workers no matter where they are located, without the need to backhaul traffic. That means no latency.
DNS filters allow managed service providers to offer filtering to their clients
A DNS filter makes it easy for managed service providers to add content filtering to their service stacks. There is no need for an appliance to be sent to a client and installed by MSP staff. A cloud-based DNS filter is a turnkey solution that can easily be set up and managed remotely. All clients can be managed through a single pane of glass, making monitoring and management simple with little time investment required.
In short, for the majority of businesses considering a DNS filter or appliance, a DNS filter wins hands down. It is quick, easy, simple, efficient, and is the most cost-effective way of content filtering and blocking web-based threats.
Further, you can try DNS filtering before committing to a purchase. With TitanHQ’s WebTitan Cloud, you can have a two-week trial of the full product to evaluate it in your own environment.
Can you explain DNS filtering vs web filtering?
Web filtering is a general term used to describe the filtering out of undesirable web content. Web filtering often involves blocking specific URLs and websites that are included in a blacklist, such as web pages that are known to be malicious or contain illegal content. A DNS filter is a type of web filter that works at the DNS lookup stage of a web request. DNS-based filters perform filtering without downloading any content so there is zero latency. Most also support URL filtering.
Why do I need a DNS filter?
A DNS filter is an essential cybersecurity tool that businesses use to block malware downloads from the Internet, to prevent employees from visiting phishing websites, and to carefully control the types of content employees can access on company-managed networks. A DNS filter will block threats that would otherwise lead to unauthorized network access.
Can a DNS filter be bypassed?
It is possible to bypass a DNS filter by using a VPN or anonymizer service. With WebTitan it is possible to block access to anonymizer services through the admin control panel. You could also bypass a DNS filter by changing the DNS settings, so it is recommended that these settings are locked down.
What are the main benefits of a DNS filter?
A DNS filter blocks access to malicious websites and will prevent malware downloads. By blocking access to certain types of web content – social media and dating websites for example – employers can improve productivity. DNS filters can also be used to prevent employees from accessing illegal content to reduce legal risk.
Is WebTitan a good OpenDNS Umbrella alternative?
Many businesses are now looking for an OpenDNS Umbrella alternative. Common complaints are the quality of customer support and the response times, Umbrella is overly complicated, and the solution is one of the most expensive web filters available. WebTitan is an ideal OpenDNS Umbrella alternative for most businesses. It provides excellent protection, is easy to use, is far less expensive, and users benefit from industry-leading customer support.
The threat of malware downloads from visiting adult websites has long been thought to be a major risk; however, not all studies on the subject have demonstrated that the risk is any higher than visiting other types of websites. The owners of adult websites, as legitimate business owners, have a vested interest in keeping their sites malware free.
However, new research from Kaspersky suggests the threat of malware downloads from visiting adult websites is real, and adult-themed phishing attacks increased in 2018.
Is There a High Risk of Malware Downloads from Visiting Adult Websites?
According to its latest report, there is a real risk of malware downloads from visiting adult websites. Naturally for consumers who visits adult websites, the risk is theirs to take. For businesses however, risks taken by employees can prove incredibly costly.
One of the major stories to be covered in the media on this theme in 2018 involved a government employee with a prolific thirst for such content. He was discovered to have accessed more than 9,000 adult websites and had inadvertently downloaded malware onto his work computer and the network. After visiting so many sites, that is perhaps understandable, but there have been many such malware downloads from far less prolific surfing of adult sites.
Kaspersky Lab’s research indicates that most malware downloads from malicious websites involves malware disguised as videos. Oftentimes, users are required to download a supposedly benign but malicious file in order to access the video.
Cybercriminals are also using black-hat techniques to poison the search results and get malicious sites appearing high up in the listings. The top 20% of porn-related search terms accounted for 80% of malware disguised as porn. Kaspersky’s tracking indicated 87,227 users had downloaded malware-disguised as porn and 8% of those did so via their work network.
The use of these porn tags is also common to get users to download non-malware threats such as adware and downloaders, although the latter are often capable of downloading much more malicious files. While the number of these attacks decreased by 36% year-over-year, attacking people searching for adult content is still common.
The most common threats associated with adult content were Trojan downloaders (45%) and Trojans (20%), followed by adware (9%) and worms (8%).
Adult-Themed Phishing Attacks Increased by 1,000% in Q4, 2018
While it was previously uncommon for phishing scams to use porn as a lure, that changed in 2018. It is still common for cybercriminals to use impersonate or create fake hookup sites to lure people into divulging credentials but there was also a 1,000% increase in phishing attacks using websites that masquerade as porn websites. Most commonly these were spoofed versions of the top 10 adult sites on the web. The rise in these types of phishing scams could be indicative of a trend that will grow in 2019.
The research shows that malware downloads from visiting adult websites is still a risk and the threat from adult-themed phishing attacks has grown at an alarming rate. Businesses should take note and take steps to limit risk.
The easiest way to do that is with a DNS web filter – A solution that allows businesses to carefully control the web content that can be accessed on work devices and via their wireless networks. With a DNS web filtering solution in place, businesses can block access to adult websites, commonly spoofed hookup and dating sites, and web-based phishing threats.
Not only will a DNS web filter provide protection against phishing, ransomware, and malware downloads, by blocking access to these adult sites, legal liability can be reduced and staff issues can be avoided.
If you have yet to start filtering the internet and preventing your users from accessing adult websites, other NSFW web content, and sites that are a drain on productivity, TitanHQ can help.
For a very low cost, businesses can protect all users of their wired and wireless networks and block a wide range of web-based threats. MSPs can also start providing filtered internet service to better protect their clients.
For further information, contact TitanHQ today and ask about WebTitan Cloud and WebTitan Cloud for WiFi – TitanHQ’s award winning web filtering solution for businesses.
TitanHQ has launched a busy campaign of MSP roadshows and conferences with two Valentine’s Day events in London and Tampa, Florida.
Over the coming five months, the TitanHQ team will be attending 15 events in Ireland, the Netherlands, the UK, and the USA, and will be meeting with managed service providers (MSPs), Wi-Fi providers, ISPs, and technology partners to introduce and explain about TitanHQ’s award-winning suite of email security, web filtering, and email archiving solutions.
The 2019 roadshow campaign started in London where Alliance Manager Eddie Monaghan met with current and prospective MSP partners at the IT Nation Q1 EMEA Meeting. Eddie will be at the event all week and will be discussing TitanHQ’s MSP solutions and finding out more about what is happening in the MSP world. TitanHQ has learned a great deal since joining the IT Nation community two years ago and has really enjoyed the experience thus far.
TitanHQ Alliance Manager, Eddie Monaghan
On the other side of the Atlantic, Alliance Manager Patrick Regan has been meeting with MSPs from Florida and beyond at the TitanHQ-sponsored Datto Roadshow in Tampa. Since joining the Datto community as a strategic partner, TitanHQ has worked closely with Datto MSP partners helping them to integrate email security, DNS filtering, and email archiving into their product offerings and providing tips and tricks to help them to get the most out of the products.
TitanHQ has been increasing its technology partners over the past year and is now working closely with industry giants Comcast, BitDefender, Microsoft, Kaseya, and ViaSat and is a proud member of IT Nation (HTG Peer Groups), Datto Roadshows, COMPTIA, and ASCII.
From humble beginnings as an indigenous Irish company providing anti-spam appliances to the local market, over the following 20 years TitanHQ has developed an innovative range of cloud-based solutions and has matured into a global provider of network security solutions for enterprises, SMBs, and MSPs. TitanHQs award-winning cybersecurity solutions are now offered by a network of more than 1,500 MSP partners and have been adopted by several thousand businesses in 200 countries around the globe.
The TitanHQ product suite has been developed to meet the exacting needs of MSP partners and are delivered via the TitanShield Program. The products help MSPs to protect themselves and their clients, while saving valuable time and effort by blocking threats at source before they can cause any harm.
TitanHQ’s spam filtering solution – SpamTitan – and web filtering solution – WebTitan – help MSPs keep their clients protected from malware, ransomware, viruses, botnets, phishing attacks and other email and web-based threats.
The cloud-based solutions are easy for MSPs to slip into their service stacks to build a high-margin security practice offering clients world-class network security services.
If you are already a TitanHQ TitanShield partner or want to find out more about the MSP program and TitanHQ products, be sure to attend one of the upcoming events and come and meet the TitanHQ team.
We look forward to meeting you at one of the upcoming roadshow events in 2019.
Web filtering at multiple locations can be a headache but it is a necessity. Human error can easily result in an email account breach, malware download, or ransomware attack. Every employee is a potential security risk, so it is important for controls to be implemented to reduce the risk of mistakes leading to a costly security incident.
One of the main ways that data breaches occur is through phishing. The web pages used in phishing attacks host phishing kits that collect login credentials and send them to the scammers. The web pages usually contain identical copies of the login boxes used by the likes of Microsoft Office 365, Google, and Facebook. The web pages are incredibly realistic and can be difficult for employees to identify as malicious.
Hyperlinks in emails also direct employees to websites containing exploit kits which probe for vulnerabilities and silently download malware. A user could visit a website for a couple of seconds, yet still trigger a malware download. Even general web surfing can see users redirected to malicious websites.
The solution is to implement a web filter. A web filter allows businesses to control the web content that users can visit, and it also blocks access to malicious web sites.
Web Filtering at Multiple Locations
While a web filter is easy to implement on premises, protecting mobile workers and multiple offices can be more of a challenge. Traditionally, web filters were physical appliances through which all Internet traffic flowed. Rules were applied to the appliance to control what sites can be visited by employees.
One of the main disadvantages when web filtering multiple locations, is a separate appliance needs to be used at each location. Not only is this costly, installing and maintaining the appliance requires technicians to be available on site. For many businesses running multiple offices, IT is managed remotely. IT staff are not available at each site. An appliance-based filter at each site is far from ideal.
An alternative is to backhaul Internet traffic to the corporate office, but this has a major impact on Internet speed. The latency issued can cause major problems for remote offices so this option is also not ideal.
The best solution is a cloud-based DNS web filter. A DNS web filter can be applied, configured and maintained remotely without the need for site visits or on-site support staff. No hardware is required and no software needs to be downloaded. All that is required is for a change be made to internal DNS servers or DNS settings.
Not only does this approach eliminate the need for any costly hardware purchases, with a cloud-based DNS filter there is no latency. The DNS-filter can be applied for all locations and managed through a single web-based interface. Controls can also be applied for different locations via an AD/LDAP client.
A cloud-based DNS filter is ideal for web filtering multiple locations, but what about protecting employees on the move? When employees travel for business, their mobile devices similarly need to be protected. A DNS filter can protect those employees online no matter where they access the Internet without the need to backhaul traffic.
Cloud-based DNS web filters are also the ideal solution for managed service providers (MSPs) who want to offer web filtering to their clients. The filters are highly scalable, and they offer multitenant management for MSPs and allow all clients settings to be configured and managed through a single pane of glass. Separate polices can be applied for each clients and reports can be easily generated. There is no need for any site visits, no need for patching, and web filtering can be offered no matter where the client is based.
WebTitan Cloud – Web Filtering Multiple Locations Made Simple
TitanHQ is a leading provider of DNS-based web filtering for businesses. WebTitan Cloud is an enterprise-class DNS-based web filtering solution that makes web filtering multiple locations effortless. The solution takes minutes to implement and requires no training to use. All web filtering controls can be applied remotely via an intuitive user interface.
If you run a business in multiple geographical locations, want to protect remote workers, or if you are a managed service provider that wants to add web filtering to your service stack, contact TitanHQ for further information on WebTitan Cloud.