This article was written by Chris Henderson, chief information security officer at Huntress.
It’s back-to-school season, and as students sharpen their pencils, cyber criminals are sharpening their tactics.
Education has become the top-targeted industry for cyberattacks, according to the Huntress 2025 Cyber Threat Report, with ransomware, phishing, and data theft disrupting everything from kindergarten classes to university research labs. Unfortunately, cybercriminals don’t take a summer break. Just last month, Columbia University detailed a June cyberattack that impacted university students, applicants, and employees. Threat actors stole sensitive financial aid information, insurance and health data, and Social Security numbers.
Today’s schools can’t fight back alone. That’s where MSPs come in. From filling IT resource gaps to deploying critical protections like MFA, patching, and endpoint security, MSPs are uniquely positioned to become the trusted partners schools depend on to defend learning environments and keep education moving forward.
Education Cyberattacks: Unique Risks in Higher Ed and K-12 Schools
While hackers work year-round, the start of the school year typically brings an uptick in threats, including the following:
- Both K-12 school districts and higher education colleges have been hit with ransomware attacks that can lead to delays or even cancellations of classes.
- Phishing attacks, which often include lures that pretend to come from the university or school district itself and can lead to stolen information or account compromise, have targeted both employees and students.
- The Huntress 2025 Cyber Threat Report also found several post-exploitation threats specific to the education sector. Threat actors have used infostealers and malicious scripts to steal sensitive data, and abused remote monitoring and management (RMM) tools to stealthily perform reconnaissance on networks.
Other Challenges at Hand
Both higher education entities and local school districts also face unique challenges that impact their security risk postures. For example, K-12 school districts may have limited budgets and resources, which are allocated in a somewhat complex process by local, state, and federal governments. This can put a wrinkle in the process of rolling out key security protections in-house. Another challenge for K-12 school districts is the sensitivity of the data that they handle, which could include children’s medical information and Social Security numbers.
Higher education institutions, meanwhile, need to manage both faculty and students, sometimes across different locations and campuses. On top of that, they’re dealing with numerous unmanaged devices, with students logging into university accounts from their personal laptops and phones. Many institutions also include research facilities, which are lucrative for espionage-driven threat actors interested in IP theft.
These pain points open doors for MSPs, who can work closely with organizations in the education sector to develop their security strategies. In particular, with the education space currently struggling with budget constraints and short-staffed IT teams, MSPs can fill in the gaps with help desks and security support.
How MSPs Can Support Education Clients
Phishing is a major vector for threat actors targeting the education space. MSPs can offer security awareness training to educate schools—both students and staff—about the red flags to look out for, including emails that come from fake domains spoofing that of the university, contain urgent messaging, or ask for students to log in to “school portals” that are actually attacker-owned landing pages. MSPs can also assist customers in rolling out MFA, which colleges have increasingly been mandating across student accounts.
In addition, MSPs can support resource-limited school districts by implementing impactful security measures, like mitigating known exploited flaws, and deploying and testing backups. These measures help protect against ransomware attacks, which often target known vulnerabilities as an initial access vector and encrypt files as part of the attack.
Another opportunity is helping schools develop comprehensive cybersecurity strategies. MSPs can offer to perform security audits to find vulnerabilities, weaknesses, and misconfigurations in their environments. Once the audits identify the gaps, MSPs can help schools proactively defend against these attacks by setting up endpoint detection and response platforms and developing incident response plans.
The Future of Education Threats
With the school year just underway, educational institutions continue to face many of the same threats and scams that they have in the past.
MSPs have a significant opportunity to work with education entities (both K-12 districts and universities) to create a comprehensive security strategy that focuses on what will make the most impact in protecting employees and students. After auditing their environments and developing an inventory of their assets, MSPs can work with their education clients to begin a priority list to implement basic security measures like MFA, vulnerability management, and threat detection measures.
But there’s a bigger impact, too. Protecting education isn’t just about stopping cyberattacks—it’s about keeping classrooms open, students learning, and futures secure.
For more security insights from Huntress, read about AI’s double-edged sword here.
