With schools forced to close in most jurisdictions, children are now being forced into online learning environments. Like what we have seen with remote workers, there has been a rush to get students online to continue with their schoolwork. While this is great to help student continue learning, it does also come with some cyber security risks.
The FBI’s Internet Crime Complaint Center (IC3) has warned that attackers could take advantage of COVID-19 by increasingly targeting virtual environments, including those utilized by school districts. “Today’s rapid incorporation of education technology (edtech) and online learning could have privacy and safety implications if students’ online activity is not closely monitored,” the PSA states. “… [P]arents and caretakers should be aware of new technology issued to children who do not already have a foundation for online safety. Children may not recognize the dangers of visiting unknown websites or communicating with strangers online.” It's not just an American problem either. The Orangeville Banner has also published an article warning about the dangers of child predators online. The banner quotes local cyber security worker Claudio Damaso, “The predators know our kids are at home.” Damaso also references a recent incident in Toronto where a parent working at home heard their child on a video chat with someone in the other room. The parent went to find their child speaking with an older man, who was exposing himself.
In addition to the threats to children, schools and school boards are also opening themselves up to attack. Education is already a prime target for ransomware and could be target to more attacks in the rush to make online learning available. Douglas Levin, founder and president of EdTech Strategies, LLC, which operates the K-12 Cybersecurity Resource Center, told SC Magazine, “In many cases, school districts are circumventing what privacy and cybersecurity controls they may have implemented in the rush to offer online learning to students who won’t be returning to school for weeks or months.” The security risks include, relying on digital platforms that may contain exploitable security vulnerabilities, using online services and applications without proper training first or vetting of privacy controls, and the existence of insecure remote access protocols could result in a digital hijacking. Levin predicts education will see more data breaches, more successful phishing attempts, and more ransomware outbreaks.
So, what should parents and educators do? For starters, parents need to have conversations with their children about safety online. Just like you teach children not to talk to strangers at the park, they need to know the same rules applies online. In addition, educators need to train teachers students and parents about cyber security when it comes to scams, phishing and predators. Technical training on using the new technology securely should also be provided to teachers, students and parents. Brandon Dixon, VP of strategy at RiskIQ, recommended in an interview with SC Magazine that educators minimize private information contained within e-learning platforms, opt for a software-as-a-service solution over a local client, block third-party providers from direct access, and audit vendors and their security documentation.
Do you find yourself dealing with some unique cyber security challenges due to COVID-19? Uzado is here to help you. Contact us today.