The latest cyberthreat is now targeting the vulnerable student population of public schools. Threats of violence, shaming, and bullying, which police say are empty threats, are the specified consequences of not paying a ransom to hackers capable of releasing private records. Although the threat may not be real, it is still terrifying to parents and children receiving texts that indicate their school records will be used against them.
Why is this happening?
The Department of Education states that data security in targeted schools is weak, and well-known vulnerabilities are allowing hackers to gain access to sensitive data. However, the amount of sensitive information that schools hold is staggering, and with very few cybersecurity protocols in place, there is an increased risk of cyberattacks. Schools remain an enticing target to hackers because there is also potential to tap into connected government systems.
These threats have lasting consequences.
Accessing student personal data is of high concern, because that information can be exploited for years without students’ knowledge of an incident. Students targeted could potentially reach adulthood realizing that they have poor credit due to false applications, or that crimes may have been committed using their personal information. None of those potential victims will have paid a ransom or suffered other repercussions.
These threats can be mitigated.
A hacking group known as The Dark Overlord is likely targeting the educational system because of a weak IT infrastructure, while businesses in the private sector, as well as government agencies, are tightening cybersecurity strategies. The Department of Education is advising districts to:
- Conduct regular security audits
- Patch vulnerable systems
- Train staff on best data security practices
- Implement tighter cybersecurity
Cyberattacks cannot be prevented, but school districts can make their systems less penetrable by hackers.
Protecting student data remains a challenge, and it is difficult to apply a strong IT security strategy when budgets and personnel are already limited. However, controlling access to the sensitive data that public schools store is critical. Innovative solutions, as well as maintaining compliance, are key to successfully protecting the futures of our students.
thinkCSC works closely with many Ohio School Districts to help keep their data safe and available. We deploy innovative, affordable technology to help your schools maximize network efficiencies and minimize external threats. With a specific focus on the needs of educational institutions of every size, we offer unique solutions, dedicated technical support and expertise, and state-of-the-art security solutions specifically designed to meet the unique demands that apply in an educational setting. Contact us to learn more.