VIP Focus: Cyber Security Threats and How to Safeguard Against Them

DashBoard, Oct. 18, 2017

SET SEG School Insurance Specialists

Submitted by Molly Mellema, Associate Administrator of the MASB-SEG Property/Casualty Pool and SEG Self-Insurer Workers’ Compensation Fund

In October 2016, the Eastern Upper Peninsula Intermediate School District became aware that a data system that houses Personally Identifiable Information was actively under attack. The district immediately responded to the incident and the IT team shut down access to the district’s network, effectively ensuring the attackers no longer had access to the data and mitigating the threat. Damage assessment quickly ensued and EUP ISD Superintendent Dan Reattoir, Ed.D. was notified of the situation. Dan immediately contacted the district’s insurance carrier, SET SEG, for assistance in working with his IT team to investigate and respond to the incident.

Identifying the Computer Attack

EUP ISD identified 20 districts within the ISD utilizing the scanning software, so the first step was to determine which access point had been compromised. Their IT team discovered one district was using the password “1234” to access the scanning software and this is where the hackers had entered the network. It was unclear whether the PII had been breached through the software.

“Imagine going into your office on Monday morning and seeing a window was broken and a file cabinet drawer with employees’ personal information was open,” said Reattoir. “The files are all still there, but you’re left wondering if someone is using their personal information. This is almost exactly what we experienced, except it was electronic files that were potentially compromised. However, before sounding any alarm bells, we wanted to have our insurance provider conduct a thorough investigation to determine if any personally identifying information had been breached.”

SET SEG works closely with HSB, a national leader in cyberliability coverage to handle cyberbreach cases. In this situation, HSB determined that, although the PII had been accessed, it was encrypted and unusable. This was great news for EUP ISD, unfortunately this isn’t always the case. If PII had been stolen in a format that was useable, the district would have needed to follow breach notification laws that require the district to notify potential victims and offer credit monitoring.

Guarding Your District

Weak passwords are among the most common vulnerabilities for data breaches. Other exposures include unintentionally downloading malware, clicking on untrustworthy links, using outdated operating systems and browsers, failing to install antivirus software and phishing scams.

Schools are threatened by all of the listed exposures, but phishing emails are particularly important for schools to be aware of. Matthew Stark, Technical Services Manager at Genesee ISD, offers his advice.

“Although we often think of someone entering our network from outside, hackers often gain entrance from inside the organization through phishing emails,” said Stark. “A typical phishing email is disguised to look like it’s from district staff and often asks for the recipient to click on a link to download attachments.”

Stark stresses the importance of helping staff identify these emails and recommends providing all-staff trainings to increase awareness of cyber threats. This is an integral part of protecting your district’s data center. He also recommends districts download subscription-based antivirus and antimalware software and regularly update the versions for each computer.

Ongoing Security

Prevention is the first step a district should take to stop an attack, but they should also implement best practices including:

  • Frequent testing for threats
  • Backing up data
  • Instituting clear web policies for students and staff
  • Hosting continuous trainings for staff
  • Limiting permissions to certain software and drives
  • Developing a response team who is prepared to handle a breach
  • Having an external network for guests to utilize

If you have questions about cyber threats or your district’s cyber coverage, contact Molly Mellema at 517.816.1643 or

VIP Focus articles are company-sponsored advertisements and do not necessarily reflect the views or positions of MASB. It’s intended to provide Very Important Partners with a space to share information of value to you and your district.

Read More DashBoard Articles