Cyberattacks are becoming more and more common in education, putting students’—and educators’—personal information and data at risk.
As of right now, there have been 1,180 K-12 cyber incidents since 2016. From Zoom-bombings during remote learning to phishing emails, schools and districts across the nation face numerous cyber security challenges.
When the COVID-19 pandemic forced schools and districts around the nation to embrace remote learning, K-12 schools moved from in-person to remote learning, increasing their dependence on their IT departments and making them more vulnerable to cyberattacks. And while some schools and districts have transitioned back to in-person learning, the threat remains.
In fact, just last fall, the Government Accountability Office called on the U.S. Department of Education to take additional steps to help protect K-12 schools from cyber threats.
However, research shows that 80% of cyberattacks are preventable with best practices in place and education around cyberattacks. Below are five strategies to keep students safe online in 2022, as well as some predictions for the new year.
1. Generate awareness around cyberattacks and share examples. Share examples of phishing emails, fake links, and other tactics used to steal data from students and educators. Encourage everyone to share what tips them off in phishing emails or fake links. Is it a misspelling? A strange URL? Odd formatting? Use examples to inform students and educators on some of the common tricks criminals use.
2. Implement firewalls, regular data back-ups, and additional security measures. Warning labels on emails that come from outside organizations and pop-ups let students and educators know when they’re leaving school-specific websites and remind them to double-check that links are valid. Regular data back-ups ensure that if a cyberattack does happen, sensitive information is not wiped and can be recovered.
3. Change passwords and recommend two-factor authentication. Too often, we use the same password or phrase for multiple accounts. However, if one of those accounts were hacked, criminals now have access to your other accounts. Encourage students and educators to change their passwords, making them different and hard to predict. Two-factor authentication is another great step to help limit access to accounts with unique, time-sensitive requirements.
More from DA: Cybercriminals are targeting K-12, including your district
4. Encourage students and educators to limit the sharing of personal information. School email addresses, telephone numbers, home addresses, and more are often used in cyberattacks. Encourage students and educators to limit sharing of their personal information on the internet and websites outside of school.
5. Make sure everyone knows what to do if there is a cyberattack. It’s critical students and educators report a potential cyberattack as soon as possible so the aftermath can be minimized. If something is not reported, criminals have more time to steal data and personal information.
In 2022, I think we’ll see more cyberattacks, especially as schools and districts switch between remote and in-person learning. In March 2020, schools and districts rolled out hotspots, Chromebooks, and tablets to hundreds and hundreds of students to ensure continued learning throughout the pandemic.
While we’ve made great strides to ensure students have access to remote learning and the internet, the opportunities and number of targets for criminals have subsequently increased. Schools and districts need to continue building up their IT departments and security measures—from implementing two-factor authentication to rolling out software updates and patches. Continued training, education of students, and promoting best practices will make all the difference.
Preventing cyberattacks is a true team effort and requires students, educators, administrators, and employees to be vigilant and prepared. As ed-tech becomes more and more integrated into classrooms, it’s crucial schools and districts have the measures in place to limit cyberattacks.
Hanine Salem is a managing partner at Novus Consulting Group where she heads the youth development practice.
