DICT unit: Cyberattacks rise in universities schools, as work, learning move online

SCHOOLS and universities in the country are warned of cybersecurity attacks as the number of users move online for remote working and learning.

According to the National Computer Emergency Response Team (NCERT), the Cybersecurity Bureau has been monitoring and receiving reports on cyberattacks targeting the academe sector over the past weeks.

“These security incidents, mainly involving data breaches and web defacement, affected information systems of schools/universities across the country,” the statement read.

NCERT is a division under the Cybersecurity Bureau of the Department of Information and Communications.

With the rise in the number of users using online systems for remote working and learning because of the pandemic, school officials need to understand the seriousness of cyber risks and assess how to best operate securely in this new normal, NCERT stressed, as educational institutions in the country pursue online learning to prevent further Covid-19 local transmissions.

The NCERT-PH encouraged school officials to implement some safety nets to protect the academe’s information systems.

It said schools and universities should make an inventory of all web assets including their versions (CMS, server modules,applications, data storage, database, etc.).

The institutions should ensure that there is a security team who can handle the security checking, patching and upgrading of websites, databases and webservers.

There is also a need to upskill the academe’s web team by sending them to cybersecurity training related to their functions and allocate resources for security monitoring tools.

A vulnerability assessment of web systems should also be done. Establishing contacts with web providers if web systems or development are outsourced should also be conducted.

There should be an established coordination and cooperation with law enforcement agencies, sectoral CERT, National CERT and other cybersecurity communities.

A computer emergency eesponse team for the school should also be established.

Moreover, school officials should issue an advisory to students and employees urging them to secure their data and implement a basic cybersecurity awareness program. (JOB with PR)