How easily can a school be hacked?
One of the biggest cyber security risks to a school are phishing attacks, these are a way for a hacker to gain access to the computer systems within a school via email, you need to take your IT and cyber security seriously to prevent fraud.
Blanket phishing email campaigns are easy to set up and can be sent out to millions of email addresses in one go, so only a small percentage of receivers need to click on the phishing link for the hackers to be successful.
Phishing emails vary hugely, from badly crafted emails with spelling mistakes to well thought out emails with realistic images and logos, these often have relatable information in them and appear genuine.
One of the successful phishing attacks on schools recently has been the ‘Egress Email Attacks’. Here, schools received an email from another school which had a seemingly trustworthy link to a document to download. But the sender has already been hacked. The email that had been sent from their email account was in fact a phishing campaign auto run by the software they had inadvertently downloaded onto their computer when they opened the link and filled in their email address so they could access a file.
As Egress is the ‘secure’ way of sending files throughout local government, and you need to put in your credentials to open files stored this way, the user would not think any thing untoward had happened in this ‘man in the middle’ style phishing attack.