Cybersecurity in Education: What Teachers, Parents and Students Should Know
From July to August, 2020, Microsoft’s Global Threat Activity Tracker detected more than 8 million malware incidents — with education being the most affected industry. As a result of the recent rush to adopt e-learning, the field has been exposed to an increase in cyberattacks; cybercriminals are finding opportunities to defraud schools, steal sensitive information or deploy ransomware schemes to extort money. In fact, a public service announcement by the FBI’s Internet Crime Complaint Center (IC3) recently warned that attackers are taking advantage of the transition to online learning due to COVID-19 through increased targeting of virtual environments, including those utilized by schools.
While online learning provides so many positive opportunities for learners and teachers alike, it is more important than ever to strengthen cybersecurity defenses to deal with new and emerging attacks. This article is designed to help provide teachers, parents and students with the information they need to identify common cyber threats, as well as tips on cybersecurity best practices to help you safely ease into the new school year.
To skip ahead to the section you’re most interested in, click one of the following links:
Cybersecurity in the Classroom: What Teachers Should Know
Cybersecurity should not be limited to the classroom — virtual or otherwise. Since most home networks do not provide the same increased firewalls or protections offered by institutions, teachers and students become more susceptible to hacking attempts as they spend more time online. It is important to practice safe online behavior everywhere.
Cyber Threats for Teachers
As a teacher, staying informed and learning the best practices to protect yourself and your students is always the best first step to take in cybersecurity. Below are the top five cybersecurity threats faced by teachers, as outlined in a report by the Consortium for School Networking (CoSN).
- Phishing: These attacks leverage social engineering by exploiting human emotion to trick victims into giving up sensitive information such as passwords or credit card details. Over 90% of cyberattacks today start with phishing, according to CoSN.
- Distributed Denial-of-Service (DDoS): These attacks occur when multiple systems flood the bandwidth or resources of the local servers. These attacks can cost victims up to $40,000 per hour, while typically only costing around $40 for cyber attackers to engineer.
- Data Breach: A data breach is a security incident in which private or sensitive information (such as student data) is accessed without authorization. In fact, student and educator data breaches were one of the most common cyber incidents experienced in 2019.
- Ransomware: These threats involve hackers holding data hostage in exchange for money or other demands. According to a report from the cybersecurity firm Emisof, the potential cost of ransomware in the United States reached over $7.5 billion in 2019.
- IoT Vulnerabilities: IoT (Internet of Things) devices such as laptops, smart home accessories and tablets often lack security or are not updated on a regular basis, making it vital for teachers to prioritize security when incorporating IoT devices into the classroom.
Cybersecurity Tips for Teachers
Now that you have an understanding of the cyber threats that educators face today, you might be wondering, what do I need to do to ensure myself, my school and my students are safe? Here are five steps you can follow to help prevent these attacks, provided by the Texas Computer Education Association:
- Encrypt Your Data: Hackers today can obtain classroom data by intercepting it while actively in transit. By protecting your data using encryption, you can prevent cyber attackers from stealing the data that you send and receive.
- Comply With Your Institution’s Cyber Protocols: It is very likely your school already has cybersecurity measures in place to protect users. It is important to follow these provisions and contact your IT or Cybersecurity department if an issue arises.
- Safeguard Your Devices From Physical Attacks: Always log out of your computer when you step away. To keep passwords safe, try to avoid writing them down or entering your credentials within view of someone else.
- Back Up Your Data: If your work or institution requires the storage of student data, it is important to back it up to prevent attackers from targeting this private data in Ransomware-style attacks where you may be locked out until a ransom is paid.
- Practice Good Password Management: It’s easy to take shortcuts when it comes to passwords. A password management program such as LastPass can help you to maintain unique passwords for all of your accounts.
Additional Resources for Teachers
- 3 Cybersecurity Tips Crucial to Secure Student Information in Remote Learning | Education Dive
- Four Cybersecurity Tips for Teachers | Texas Computer Education Association
- Stop.Think.Connect. Parent and Educator Resources | CISA
- How to Back Up Your Data | Berkeley Information Security Office
- How to Use a Password Manager | Engadget
Cybersecurity At Home: What Parents Should Know
When it comes to in-person learning, schools typically offer reliable protection to students that restricts them from accessing harmful content, while also protecting them from a wide range of threats such as malware or unmoderated social media. This is usually achieved through the use of filters and blacklists (a collection of websites that are inaccessible to users) applied to school devices or through the school’s network connection. However, with young learners turning to digital classrooms, parents may not have access to the same safeguards put in place by formal institutions.
Cyber Threats for Parents and Children
According to a report by PCMag, 76% of parents are worried about their kids’ online safety and have major concerns about online threats faced by children. If your child is spending more time online, you may be wondering what these threats are and how to prevent them. Below we have outlined five common cyberattacks aimed at young web users.
- Cyber Predators: These are adults who use the internet to exploit children and/or teens with the intention of inflicting harm (whether emotional, financial etc.). Cybertip, a Canadian tip line for reporting online child exploitation, reported an 81% spike in reports since the start of the COVID-19 pandemic.
- Malware: Cyber criminals today often trick victims into downloading malware that can take control of their device. Some cyber criminals can even disguise their malware as games or apps, which can be especially tempting to children.
- Malicious Ads: These ads are used to spread a variety of unwanted messages or spam. Researchers at the University of Michigan and the C.S. Mott Children’s Hospital recently analyzed 135 apps meant for young children and found that many were riddled with problematic advertising methods, including manipulation and shaming.
- Identity Theft: Today’s cyber attackers are targeting children online to steal their identities and credit histories. In fact, a Javelin Strategy & Research Study revealed that more than one million children were victims of identity fraud in 2017, resulting in total losses of $2.6 billion and over $540 million in out-of-pocket costs to families.
- Online Gaming: According to research from the Entertainment Software Association, 70% of families have at least one child who plays video games. With this many children actively gaming, phishing scams, viruses and harassment have become commonplace in gaming communities, according to Webroot.
Cybersecurity Tips for Parents and Children
As a parent, you are your child’s best protection against online threats like those mentioned above. Here are five steps that you can start following with your child today:
- Teach Passwords and Privacy: Help your children password protect all devices and online accounts. Teach them why creating strong passwords is important, how to create them and never to share them.
- Monitor and Communicate: Communicate what comprises an acceptable, respectable (to themselves and others) online post and take the time to monitor your child’s online activity as often as possible.
- Protect Identity and Location: Disable photo geotagging on your Android or iPhone and remind your child not to share any personal info online like age, school, address, phone number, last name or any personally identifiable data.
- Use Secure WiFi: Ensure that your home’s wifi includes encryption and a strong password to restrict outside access, and only share your password with those that you know and trust.
- Utilize Parental Controls: Many kids are given their first tablet or internet-connected device before they can fully comprehend the power in their hands. Try using built-in parental control features to start taking precautions and monitor their usage as early as possible.
Additional Resources for Parents
- Creating and Managing Strong Passwords | Department of Homeland Security
- Cyber Safety Quick Links for Protecting Youth | REMS Technical Assistance Center
- Tips For Parents on Raising Privacy-Savvy Kids | National Cybersecurity Alliance
- How to Use the Parental Controls on a Smartphone | Consumer Reports
- How to Set Up Parental Controls on Your Home Wi-Fi | CNET
Cybersecurity For Students: What You Should Know
Malicious cyber activity affects students in a variety of ways, typically in the form of malware and scams. As students join classes this years using their personal computers and home wifi networks, the number of potential attack vectors has rapidly proliferated, according to Education Technology.
Cyber Threats for Students
Before you can prevent an attack, it helps to start by gaining a strong understanding of the threats faced by today’s students. Here are five types of attacks to be aware of:
- Data Theft: According to CNBC, cyber attackers know that students often have little understanding of how to properly guard personal and financial data being input online, typically for the first time. Experts say hackers can use this data for identity theft, credit fraud and more.
- Mobile Malware: Researchers at Check Point found that attacks targeting mobile devices have risen by 50% since 2018. With more students moving from a desktop or laptop to smartphone use, it is more important than ever to take mobile security seriously.
- Malicious Social Media Messaging: According to a study on cybersecurity threats amid the COVID-19 pandemic, hackers are taking advantage of platforms such as Facebook and WhatsApp with scams to lure victims to phishing websites, which can compromise personal information.
- Camfecting: Many students today have a desktop webcam or camera built into their phone, tablet or laptop. Unfortunately this can open the door to camfecting, where hackers are able to remotely access and take control of a webcam.
- Social Engineering: Social engineering scams are among the top cybersecurity threats faced by higher education students, according to EducationDive. These attacks rely on manipulating users into revealing confidential information.
Cybersecurity Tips for Students
Today’s cyber hackers are constantly discovering new exploits and strategies to compromise users. Here are five cybersecurity best practices to help protect yourself from them:
- Avoid Sharing Personal Information: Be mindful about the information you divulge online — such as school names, email addresses, home addresses and telephone numbers.
- Invest in Virus Protection: Ensure you have antivirus protection with anti-phishing support installed on all devices (desktops, laptops, tablets, etc.). Set it to update automatically and run virus scans at least once a week.
- Keep Software Up-to-Date: Be sure to keep your operating system, browser software and apps fully updated with patches. Even new machines can have out-of-date software that can put you at risk.
- Be on Guard for Phishing: Do not open email attachments from untrusted sources. You may be expecting emails from group members or teachers, but use caution when opening any attachments.
- Be Careful What You Click: Avoid visiting unknown websites or downloading software from untrusted sources. These sites can host malware that will install (often silently) and compromise your computer.
Additional Resources for Students
- School of Cyber Threats: 3 Attacks Impacting Today’s Schools | McAfee
- Types of Cyber Security Threats to College Students | Unigo
- Back-to-School Cybersecurity Tips | UC Berkeley
- What To Look For in Anti Virus Software | National Cyber Security Centre
- How to Recognize and Avoid Phishing Scams | Federal Trade Commission
As cyber attackers continue to exploit gaps and introduce new threats and vulnerabilities, teachers, parents and students must also equip themselves with the knowledge to protect their devices and personal information.
Thanks to the many advancements in modern technology, online education has become more accessible than ever before, allowing learners to receive the same high-quality experience and outcomes offered by traditional education via a virtual experience. However, with these advancements comes an expanded threat from cyber criminals. It is more important than ever to keep yourself safe. Following the tips above can help better secure your technology and personal information from the threats of cybercrime.