As more educators turn to technology, they are faced with new cyber threats. These can range from emails that look suspicious to software tools that actually steal your information. Individual teachers and school districts alike are trying to fight off cyberattacks, but don’t always know how.
You can be cyber smart in your classroom and in your school. Learn more about cybersecurity in your classroom and why hackers keep going after teachers.
Why Are Schools Prime Targets?
Hackers and scammers target schools because districts often employ hundreds to thousands of teachers and administrators. By hacking a district, scammers reach a large community — especially when you think about the potential of reaching students and parents as well. Additionally, schools aren’t known for their technology resources, which makes hackers perceive them as vulnerable.
“Attackers know that educational organizations don’t always have the same level of security as other organizations, and they take advantage of it,” writes Lance Whitney at TechRepublic. “Schools, colleges, and universities need to prioritize email security that leverages artificial intelligence to identify unusual senders and requests. This additional layer of defense on top of traditional email gateways can provide protection against spear-phishing attacks for both staffers and students.”
Even if scammers don’t go after schools, gaining access to individual email accounts can help them target parents and other potential victims.
“Hackers often go after .edu addresses because they’re often seen as more trustworthy than .com emails — especially within school networks,” says Shannon Flynn, managing editor at ReHack. “Hackers sometimes go after schools because seizing .edu addresses may make it easier to stage other attacks down the line.”
You personally might not be the victim of a cyberattack, but that doesn’t mean others won’t suffer if your information is stolen.
Phishing Takes Advantage of Public Information
Phishing is one of the most common ways that scammers go after educators. An email gets through a spam filter, the recipient thinks it looks legitimate, and the hacker gains access to their accounts when the recipient clicks on a link or opens an attachment.
In one style of attack, hackers pretend to be the parent of a student in the class. They claim an assignment was never received or that the technology used by the teacher isn’t working. The email includes a malicious attachment that, if opened, locks the teacher’s computer until the teacher pays a ransom (combining phishing with ransomware).
“Researchers think that attackers harvested targeted teacher email addresses using faculty contact lists located on the school website,” writes Trevagh Stankard at email security and DNS filtering provider TitanHQ. “Because these pages include the teacher’s name, the attacker could then address the email with the teacher’s name, making the message look like it was legitimate.”
There are other reasons why scammers try to gain access to teacher email accounts. They can impersonate the teacher and contact other educators in the district, says Drew Todd at cybersecurity conference series and training provider SecureWorld. The hacker will try to collect donations by telling them about a distressing situation or will try to sell gift cards to collect money.
Some scammers take advantage of readily available online information to file for unemployment benefits. At the start of the COVID-19 pandemic, unemployment claims skyrocketed as businesses closed due to quarantine orders. Scammers used information about teachers who were still employed to apply for unemployment benefits. This led school districts to improve their policies to catch fraudulent claims.
“When we get an unemployment claim in [our school district], we physically have a member of our human resources team pick up the phone and have a one-on-one conversation with that person, and that’s how we really spot things that are fraudulent,” says Allison Cortez, chief communications officer at Academy School District 20 in Colorado Springs.
Ransomware Can Affect Entire Districts
While some phishing attacks shut down one computer or account until the victim pays, large-scale ransomware attacks are growing more common in school districts across the country.
In January 2021, a ransomware attack shut down the New York Department of Education’s teacher discipline system. This system manages the hearings for educators accused of incompetence or misconduct.
“Transcripts are the lifeblood of these hearings,” says Betsy Combier, a paralegal who broke the story on her website. “You can’t do anything without the transcripts, you can’t do a closing. You can’t decide a case.”
In September 2020, teachers at Newhall School District in California logged on for virtual school. They discovered the server had been hacked and were instructed to log off immediately. The event affected more than 6,000 students across 10 schools. The district employs four IT professionals to help 310 teachers. Administrators were eventually able to access their files, but the district won’t say whether they paid the ransom or not.
“Of course, the FBI doesn’t want anyone to pay anything for the ransom,” says Jeff Pelzel, superintendent of schools for the Newhall School District in California. But not paying could cause educators to lose countless lesson plans, some of which took 10 years to develop. The loss “would be devastating for staff,” Pelzel says.
These scams can be extremely lucrative, which is why ransomware attacks are on the rise and the price of ransoms has increased. They are also expensive for districts.
“Ransoms often number in the tens of millions of dollars, and administrators have often simply paid them, out of desperation to protect students and avoid closures,” writes Rob Cataldo, managing director at internet security solutions provider Kaspersky. “Unfortunately, that’s what keeps the ransomware gangs in business and encourages further attacks. While other organizations are more likely to have budget for data backups and strong defenses, schools often don’t have that luxury.”
Online Learning Created the Perfect Environment for Threats
The COVID-19 pandemic didn’t just create an environment for impersonation scams. It also increased the number of opportunities hackers had to gain access to teacher, student and parent information.
“It’s not that the threats are changing, it’s that the risks are growing,” says Richard DeMillo, chair of the School of Cybersecurity and Privacy at Georgia Institute of Technology. “You should assume the more you’re doing online, the more the risks have gone up, the more serious the consequences would be if there were a serious breach.”
As students and teachers suddenly started spending eight or more hours each day online and used new software systems, the opportunities for hackers grew immensely.
“Pretty much any way that you cut it, incidents have both been growing more frequent and more significant,” says Doug Levin, national director at K12 Security Information Exchange. His group has tracked more than 1,200 cybersecurity incidents at public school districts since 2016, including 209 ransomware attacks and more than 110 phishing attacks.
While online learning provides opportunities for students, it also presents risks because of the number of online tools and accounts used.
“The switch to online learning increased reliance on thousands of new devices and services given to students and teachers in a short time, during which they were not adequately trained to secure their devices or monitor for phishing threats proactively,” writes the team at security awareness training platform PhishingBox.
Cybersecurity Training Resources for Educators
In response to the rise of cybersecurity attacks on educators, technology experts are looking for ways to help teachers learn how to protect themselves.
UC Berkeley Boot Camps created useful infographics for teachers, parents and students on cybersecurity. Each infographic provides actionable tips for staying safe on the web. These include identifying phishing attacks and preventing data breaches. You can use this resource to increase your awareness of cyber threats.
There are also more immersive options for teachers. The University of New Haven in Connecticut is hosting its first GenCyber Teacher Academy (GTA) program in August 2022. Eligible high school teachers can apply to the weeklong program and will receive a stipend to attend. They will get a free Chromebook to take back to their classrooms and access to the GenCyber Teacher Learning Community.
The GTA courses focus on cybersecurity awareness, networking, Python and social engineering. The goal is to make teachers more aware of the need for cybersecurity while empowering them with tools to bring back to their classrooms.
Another option is Teach Cyber, a non-profit dedicated to cybersecurity education. This organization prepares secondary school educators to teach cybersecurity while also gaining the tools to protect themselves. The year-long online course has 120 hours’ worth of instructional materials with downloadable lessons and assessments.
While your district may take steps to help you understand the cybersecurity risks that most commonly face teachers, you may want to increase your own personal knowledge of these threats. Not only can you protect your own personal information, but you might even protect your entire district from a ransomware attack caused by a suspicious phishing link.