A recent study concerning the long-term effects of K12 COVID related closures in 2020 outlines just how costly this disruption to classroom learning will be. Estimates are that K12 students can expect 3 percent lower incomes over their lifetimes as a result. On a macro scale, it is estimated that countries should expect an average of 1.5 percent lower annual GDP growth for the remainder of the century. There is no doubt that any negative influences on the student learning experience have ripple effects that go far beyond the classroom.
Protecting the Learning Process
Classroom disruptions at any time can prove highly consequential to students. That is why it is so imperative to ensure that students can learn in an optimum environment free of interruption. This primary objective includes focusing on cybersecurity within our K12 institutions. We’ve all read the stories in the news of entire school districts that are forced to close for successive days due to a ransomware attack. While these system disruptions are impactful, small singular cybersecurity incidents can negatively hamper the learning environment in “death by a thousand cuts” fashion. When a student laptop is put out of commission for a day due to the contraction of a computer virus, that student’s personal learning experience is impacted. When a DDoS attack is launched by a student in order to avoid an online test, entire classrooms are affected. When a teacher clicks on a phishing link and gets scammed, it affects that teacher’s mindset, which in turn impedes on the teaching process.
Ransomware and DDoS Attacks
According to a security bulletin put out jointly by the FBI and DHS in December of 2020, over half of all ransomware attacks in the U.S. involved K12 school systems during the months of August and September. It isn’t a coincidence that this time period is tied to the start of the school season. According to an article published by ZDNet, more than 500 schools in the U.S. were hit by ransomware in 2019. These types of attacks can bring down operations. Schools are especially susceptible to ransomware attacks because they often lack the resources to properly secure their IT estate. They also face the challenge of competing with the private sector to obtain cybersecurity trained talent. Oftentimes, school systems have little choice but to pay the ransom due to their lack of preparedness to overcome these attacks.
But while ransomware garners a lot of the headlines today, DDoS attacks are a frequent menace for school systems. Miami-Dade County Public Schools had been a target of more than a dozen DDoS attacks during the 2020-2021 school year. Turns out the culprit behind the attack wasn’t a Russian hacker, but a local student. Unfortunately, this is not a single incident. These types of attacks have become the equivalent of pulling the fire alarm to disrupt the classroom period. Students can easily request DDoS attacks over the dark web in order to disrupt an online exam.
The need to prioritize cybersecurity in the education sector goes beyond the classroom experience. Schools contain a vast depository of personal data including social security numbers. While high school students may not have a credit card as of yet, cybercriminals can hold on to their personal data for many years to use at a later date. By then, the data breach has long since been forgotten. However, it isn’t just student records that cybercriminals are after. In many rural areas, the school system is the largest employer, meaning that they have the largest HR database.
The challenge of shadow IT is an issue that many internal IT departments must contend with today. This is also the case in the education sector as teachers and school administrators openly brace new technologies that can enhance the learning process for students. Though the motives that drive these classroom technology purchases are highly admirable, little is often know about the security vulnerabilities of these technologies.
Cybercriminals target colleges and universities for many of the same reasons mentioned. They also target them for the large amounts of money they handle as well. Colleges and universities deal with a lot of money in the form of tuition payments and private endowments. They also host a lot of high value data research that can garner a high price on the open market.
While it is certainly true that you cannot run schools in the same way you manage a business, they do need to be secured in the same manner as any for-profit organization. It is time to put a real emphasis on cybersecurity within the education sector.
Protect children and students from cyberattacks with WebTitan DNS & Content Filtering solution. Start WebTitan 14 Day Free Trial and see how TitanHQ can protect your school or college, see results in less than one hour. Start Today.