Cybersecurity in Remote Learning Environments
9th March 2021
Today, many schools are still operating hybrid or remote learning environments. Although this shift was necessary to reduce the spread of COVID-19, it has also made school networks – and sensitive data – more vulnerable to potential security risks. In fact, prominent cyberattacks in the past year have included:
- In March 2021, 15 schools were forced to shut down online learning in the Nottinghamshire due to a “sophisticated cyber attack“.
- In August 2020, a number of education colleges were hit by a cyberattack, affecting thousands of students. Luminate Education Group stated that the attack caused “operational disruption” to their IT infrastructure.
- In March 2020, The University of Kentucky and UK HealthCare had to perform a major reboot of their computer systems in an attempt to remove a cyberattack that lasted a month and it was considered “the most substantial cyber intrusion in university history.”
There has been a spike in ransomware attacks against schools in the UK and, according to the Washington Post, this is making learning environments even more stressful during the coronavirus pandemic.
In Ransomware attacks, such as those noted above, hackers threaten to expose student data or they lock down computers – including distance learning functions – until a ransom is paid. The attacker uses malware to encrypt files, locking them until the attacker’s demands are met. Tech & Learning reported that more than 1,600 schools were targeted by ransomware in 2020.
Distributed denial-of service (DDoS) are attacks that occur when the attacker temporarily limits or prevents users from conducting daily operations by making online resources sluggish or completely unresponsive. This is often done by flooding a web site, server or app with so much information it ties up the bandwidth and prevents other systems from connecting.
Video conference disruptions, also described as “zoombombing,” occur when an outside person crashes a remote learning class. The FBI and Department of Homeland Security have received reports of outsiders crashing remote learning calls and verbally harassing students and teachers, displaying pornography and/or violent images, and “doxing” meeting attendees (publishing personal information about them on the internet). Attackers may use student names to trick hosts into accepting them into the sessions. Attacks in 2020 led some school districts in the United States to temporarily ban schools from using Zoom.
So why have attacks on schools become so prevalent? In an interview with Education Week, Doug Levin, the founder and president of the K-12 Cybersecurity Resource Center, said several things have contributed to the rise, including more teachers and students being online and logging in from environments outside of the school which may be less controlled. These activities increase the potential for an attack. He also noted schools may not have the same level of IT support now compared to before the pandemic because IT staff may be dealing with a flood of other tech issues due to remote learning.
How to prevent attacks
The good news is there are many steps schools can take to protect their networks, including training students, staff, administrators and parents on what to do and what not to do. Here are a few suggestions from The New Jersey School Boards Association, UC Berkeley and EdTech Magazine:
What IT teams should do:
- Set strict creation policies for student and staff passwords such as requiring eight characters, upper and lower case, and encouraging using passwords that aren’t easy to guess. Have passwords set to expire on a regular basis. Set up administrative passwords to prevent students and staff from installing programs on their computers.
- Make sure the firewall is up to date and that servers and devices have the latest anti-virus and malware detections software, that they are backed up regularly and the software is regularly updated.
- Separate the student network from the administrative network so students can’t access the administrative network.
- When allowing access to the school’s wireless network, require students to use their individual network passwords rather than a shared password.
- Scan systems for sensitive and high-risk information such as social security numbers and health records to ensure that the data is in the most secure space. Have technology in place to wipe that data if needed.
- It’s also important to have the right web filters in place. Impero web:check helps keep students safe by filtering URLs on school devices, even when students are not on the school network. It uses an AI categorization name service (CNS) to comb through all HTTP, HTTPS and FTP web traffic and block inappropriate material. It also protects school networks from encrypted traffic, including virus-based threats.
What students, staff and parents should do:
- Log out of the computer every time work is finished. Don’t share passwords.
- Don’t click on links or files in an unknown email, or in an email from a known sender who typically doesn’t share links or files.
- Remind students to never share personal information while online, and teach them about the importance of keeping their passwords secure.
- When doing distance learning from home, make sure the home’s WiFi includes encrypting and a strong password to restrict outside access.
- If a student is using a personal device for their distance learning, parents should make sure parental control features are on and antivirus protection is installed. They should run regular virus scans and keep software up to date.
Preparation and education is a key component to preventing cyberattacks. Solutions such as Impero web:check keep devices protected and student information safe, both in the classroom and during distance learning. To learn more about how Impero web:check keeps networks safe, visit us online or book a demo below.