Cybersecurity

Despite the challenges, many parents and educators are seeing the benefits of virtual instruction and hoping that some level of online learning continues after the coronavirus pandemic, according to a report from the nonprofit Center for Democracy and Technology. However, almost half of teachers say they have not been trained to safeguard students' data during this period of remote instruction. Just 4 in 10 parents have said their school has explained how it protects student data. In focus groups, students also expressed little concern about data privacy and security, despite highlighting incidents where video calls were hacked or teachers exposed students’ grades while sharing their screens with the class.

Both parents and teachers should be aware that new ransomware campaigns are targeting teachers with email subject lines indicating the messages contain students' assignments. According to an article on the TechRadar site, teachers have received e-mails in which the attacker poses as a parent or guardian submitting an online assignment on behalf of a student, claiming the student encountered technical issues when trying to submit the assignment themselves. However, instead of attaching an assignment to their emails, the attacker has attached a malicious document that downloads a custom ransomware payload. Some of the email subject lines have included, "Son's Assignment Upload" and "Assignment Upload Failure for [Name]."

An investigative report by New York regulators revealed that several high-profile Twitter accounts were hijacked this summer using only basic social engineering techniques because Twitter has poor internal security controls. The regulators recommended creating an oversight council with a qualified regulator to monitor and supervise popular social media platforms' security practices. This report may foreshadow more government scrutiny of social media, but also is a reminder to everyone that social media accounts are easy to hijack for nefarious purposes.

Private information of students in the Clark County, Nev., school district was released after the district did not pay a ransomware demand. Ransomware is a form of malware where hackers demand ransom for access to data that, in this case, a school district holds. It can have a devastating impact on businesses and individuals alike. The information included students' Social Security numbers and grades. Brett Callow, a threat analyst for cybersecurity company Emsisoft, says multiple school districts have fallen victim to similar schemes. Does your district have a plan for handling a ransomware attack?

With remote learning, school districts are reporting more ransomware attacks. Brett Callow, a threat analyst for Emsisoft, says the cybercriminals are changing tactics, threatening to publish employee’s private information online and demanding amounts more than $150,000 instead of just a few thousand dollars

The Insider Intelligence U.S. Digital Trust Survey found that, ranking nine social platforms, consumers have the most faith in LinkedIn when it comes to security, community, ad experience and relevance and overall legitimacy. Pinterest earned the second spot, followed respectively by Snapchat, Reddit, YouTube, Instagram, Twitter, TikTok and Facebook.

The pandemic has forced school cybersecurity to encompass a much wider landscape than school campuses, and education leaders should get all the help they can, security expert Evan Francen writes in a recent commentary. He recommends enlisting students’ and parents' cybersecurity help through workshops, informational resources and contests.

As if you needed any more reasons to wish 2020 was over, the cybersecurity folks have even more for you to worry about. Tens of thousands of web domains related to the coronavirus pandemic are being created daily, reports ZDNet's David Gewirtz, who gathered several more unsettling statistics. Nine in 10 of those new domains are related to scams, including the intention to distribute malware, sell fake cures for COVID-19, and pass on more misinformation about the disease and other issues in the world.

Gigabytes have replaced apples in math questions, and lessons on the Fourth Amendment explore digital privacy, all part of an eight-year partnership between Cyber.org and the Department of Homeland Security. The EdWeek Research Center says nearly half of 900 K-12 educators surveyed this year already are teaching students about cybersecurity, and the partnership aims to increase those numbers. Is your school using these materials?

Teachers, students and parents in remote learning environments have plenty to juggle -- including cybersecurity. Ryan Cloutier of SecurityStudio outlines three steps everyone can take to create a more cybersecure learning environment including how to know your personal risk, how to understand and avoid scams and how to protect personal digital devices.