A 13-year-old student was arrested earlier this week after officials say he made an online threat that shut down his middle school and two nearby high schools. The investigation began when authorities were alerted to a Twitter post that threatened a shooting at a high school in Warren Consolidated Schools outside Detroit. The suspect was tracked down through his IP address.
A Carter Middle School student is in custody for the threat that shut down three Warren Consolidated School buildings.
Parents, please take time to help your children understand the dangers of posting inappropriate things on social media as they will face severe consequences.
— Macomb County Public Alerts (@macombcountypa) September 14, 2022
In rural Virginia, Lunenburg County Public Schools were shut down Monday and students were allowed to stay home Tuesday after an online threat was reported. School officials and police have not yet released details about the content of the threat. “School districts across our nation are dealing with threats of violence on a constant basis. Even though the great majority of them turn out to be hoaxes, there remains no room for complacency,” Lunenburg County officials said in a press release.
Also this week, parents and teachers using Seesaw’s messaging function to communicate with each other got an X-rated surprise Wednesday when accounts on the widely used learning management system’s messaging app were hacked. A number of users around the country received a link to an “inappropriate image,” the company announced.
Defending against online threats
These online threats—many of which are hoaxes—are hitting K-12 networks on a daily basis and are now the main culprit in closures after several years in which schools were regularly shuttered by COVID outbreaks and exposures. So what can administrators and their teams do to tackle the problem?
“Schools and school districts can take a variety of actions to prevent, protect from, mitigate the effects of, respond to, and recover from cyber threats. These can be conducted before, during, and after an incident,” say guidelines from the U.S. Department of Education’s Readiness and Emergency Management for Schools Technical Assistance Center.
Administrators can watch the Technical Assistance Center’s webinar to get an overview of the cybersecurity threats facing K-12 schools and the resources, programs, and tools that to secure school computer networks.
Administrators and their teams should establish policies for responsible online use and ensure that students and staff know the rules before they log on to school networks. IT staff must also be fully versed in local, state, and federal regulations governing storing and protecting student data and other personal identifiable information that is kept by schools.
Administrators must also make—and regularly review—a list of staff members who can access school networks and computer systems. IT staff must then assess cyber threats on an ongoing basis. The Technical Assistance Center also lists strategies for what to do during and after a cyberattack.
More guidance is available from the Department of Homeland Security’s C³ program, which helps organizations such as school districts partner with federal agencies and private cybersecurity firms. In addition, the National Institute of Standards and Technology has released a “Framework for Improving Critical Infrastructure Cybersecurity,” which was developed by federal agencies, academia, and the private sector.