Fifty-two percent of K-12 educators in the U.S. say their school has not warned them about the dangers of ransomware as they scale remote learning this year, according to the Education Cybersecurity Threat Index released by Morphisec, In addition, more than one-in-five (21%) educators within colleges and universities say their institution has already been the victim of a cyberattack since the onset of COVID-19.
The index surveyed 500 teachers and administrators across the U.S. in July 2020. Of those surveyed, 67% worked within K-12, 24% worked within Higher Education, and 9% worked within other education institutions (e.g., private and alternative education). As many teachers and their students commence the academic year fully remote, including 17 of the 20 largest K-12 school districts, and thousands of universities, most have grown reliant on third-party technology vendors and video conference applications with widely reported security vulnerabilities. Morphisec Labs researchers discovered one such flaw in the Zoom application in April that enabled threat actors to record Zoom sessions without the participants’ knowledge.
Sometimes the attackers are students themselves. Miami-Dade Schools Police (M-DSPD) made an arrest related to the cyber-attacks that have disrupted teaching and learning since school began on Monday. M-DSPD detectives traced an IP address responsible for the attacks to a 16-year-old student, a junior at South Miami Senior High School. The student admitted to orchestrating eight Distributed Denial-of-Service cyber attacks, designed to overwhelm District networks, including web-based systems needed for My School Online. The student used an online application to carry out these attacks and has been charged with Computer Use in an Attempt to Defraud – a 3rd-degree felony, and Interference with an Educational Institution – a 2nd-degree misdemeanor. Miami-Dade County Public Schools (M-DCPS) has been the target of more than a dozen of these types of attacks since the 2020-2021 school year began.
See the links below to learn more about the threat of cybercrime on remote learning systems.
Be sure to subscribe to our industry publication for the latest news, videos, and podcasts in the Education & Technology Industry.