COVID-19, Technology

On the Frontlines: How Teachers Can Help Defend Against Ransomware

On the Frontlines: How Teachers Can Help Defend Against Ransomware

Originally published in TEACH Magazine, March/April 2021 Issue

By Adam Stone

Mobile County School District in Alabama. Houston County Board of Education in Georgia. Guthrie Public Schools in Oklahoma. What do they all have in common?

They are among the latest K-12 organizations to be hit by ransomware attacks, according to the most recent Armor Threat Intelligence Briefing. The report found that over 500 K-12 schools in the U.S. have potentially been impacted by ransomware attacks since January 2019.

The pace of such attacks has increased during the COVID-19 pandemic, as the rapid shift to remote learning has opened up new vulnerabilities. The FBI and the U.S. Cybersecurity Infrastructure and Security Agency have warned K-12 schools to be on guard.

In August and September of last year, 57 percent of ransomware incidents involved K-12 schools, compared to 28 percent of all reported ransomware incidents from January through July, the agencies note. “Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year,” the agencies warn.

In a ransomware attack, malicious software is inserted into a system, encrypting all data and rendering the system effectively inaccessible. Attackers then demand a ransom for the key to decrypt the data.

The IT shop typically is responsible for defending against such attacks. But with K-12 schools increasingly being targeted, there are steps classroom teachers can take to safeguard systems and help their schools to avoid falling prey to such incursions.

The Threat Landscape

Ransomware often finds its way onto the system when a user clicks on a malicious link in an email, a move that triggers a download and runs a malicious file or program.

“Students and teachers are a particular target during the pandemic,” says Jim Siegl, senior technologist for the Future of Privacy Forum’s youth and education project. “There have been examples of attacks disguised as homework assignments… or where the attacker is pretending to be a parent, claiming their child had a problem uploading an assignment.”

The push to remote learning has elevated the risk. “User behavior that is acceptable on a home device, such as browsing social media sites or connecting over insecure WiFi, could—if done on a school-provided device—open up an entire school district’s network for hackers to exploit,” says Rodney Joffe, senior vice president and fellow at security solutions provider Neustar.

At the same time, bad actors may be highly motivated to try to access school systems, says Lynette Owens, founder and global director of Trend Micro’s Internet Safety for Kids and Families program.

“They know school systems often do not have the greatest amount of resources or strongest security infrastructure in place, versus a bank, hospital or government entity for example,” she says. At the same time, “the data they have is critical: you have a lot of data on minors and school employees.” In the face of this complex and growing threat, classroom teachers might serve as the first line of defense.

The Teacher’s Role

Ransomware starts with end-user behaviours. This puts teachers in a unique position to help mitigate the threat, says Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project (S.T.O.P.).

“The way ransomware gets installed is not through some sophisticated high-tech exploit. It’s because of weak passwords or email phishing attempts where people click on a bad link,” he says.

“Teachers can make cybersecurity training a part of modern civics education. Just as students need to be educated on what is a reliable news source, they need to be able to navigate the cybersecurity threats of daily life,” he says. “That includes using phishing tests and other tests that are designed to educate students about their own susceptibility to these attacks.”

Owens likewise encourages teachers to take a proactive role in informing students about online risks. “Teachers can help educate their students to distinguish between credible, safe resources online versus those that are not,” she says. “Encouraging digital and media literacy skills across classrooms and in all grades is an important step toward ensuring all members of a school’s community can benefit and not be harmed by their use of the internet.”

Specific to ransomware, Owens says that in the era of remote learning, teachers need to set out clear expectations so that kids at home will be better able to distinguish between a legitimate school communication and a phishing attempt.

Teachers should tell students exactly when and how they intend to communicate with them through online means. “For example, let students know that they will receive an email every week regarding upcoming homework or quizzes,” Owens says. “Students would then know to be on the lookout for this and might more readily flag an email that they may not have been expecting from the teachers.”

If a teacher’s email has been hacked and the students receive an unexpected email purporting to be from that teacher, “this can train students to speak up if something seems off,” she says. Teachers also can help to mitigate the ransomware risk by being thoughtful about any third-party applications, software, or other tools that they introduce into their classroom tool kit. Such products can potentially serve as a launchpad for a ransomware payload.

One easy safeguard when using third-party tools: “Read the terms of service when signing up for a new program, and take time to fully understand the information they’re sharing before signing in to websites or applications with a Gmail or Microsoft account,” says Matt Dascoli, education strategist at Dell Technologies.

“Right now, many teachers are looking to access additional online content or applications to help with remote learning, but they should be wary about where they are getting content and the information they are giving in exchange,” he says.

As a further safeguard, teachers should avoid technology that hasn’t been vetted and approved by the IT department, says Surita Bains, director of product management focusing on education at Absolute Software.

“Teachers should avoid introducing ‘shadow IT’ into their classroom and school environment,” Bains says. “It is important that software and online tools are evaluated for their security posture. By engaging the school or district IT team when looking to use new tools, teachers can ensure the technology they and their students are using isn’t introducing risk to the classroom.”

In fact, experts say a cooperative relationship with IT leadership at the school or district level may be key to empowering teachers who are looking to safeguard their classrooms against ransomware attacks.

Advocating With It

Take for example the issue of data and systems backups. A timely effort to back up systems is key to ransomware defense. Should attackers encrypt the system, administrators can simply revert to a recent backup and effectively short-circuit the attack.

On a personal level, “teachers should maintain good backups of their lesson plans and other critical educational data in the event something happens to their computing device,” says Robert Capps, VP of marketplace innovation at NuData Security.

Teachers should not be made responsible for large-scale systems backups or the backing up of day-to-day classroom data—that responsibility falls to the IT team—but teachers can play a key role in advocating for such measures. “They should be speaking to their school officials to make sure those officials are doing everything they can to create an effective backup strategy,” Cahn says.

While this advocacy work goes above and beyond the teacher’s ordinary classroom responsibility, experts say it makes sense that teachers would take on the role. As the front-line defenders, “teachers must advocate to not only school but district leadership on the importance of investing in proper IT security resources and technologies,” Bains says.

By insisting on school- and district-level safeguards, teachers can free themselves to focus more fully on their educational efforts. With IT handling systems integrity, teachers “regain the ability to dedicate themselves to educating students,” Bains says.

Best Practices

Even as they push for high-level controls, teachers can implement best practices at the classroom level to help keep the threat of ransomware at bay.

This starts by observing their own online interactions. “Ransomware tends to come through email, so teachers can carefully examine every email that comes through their inbox, looking for red flags like misspelled words, suspicious senders/email addresses, inconsistencies in the email content, and call to actions for clicking on links,” Owens says. They can likewise teach their students to follow these same guidelines.

Overall, the rise in ransomware gives teachers new incentive to double down on their efforts to elevate student awareness around digital literacy. Kids who know how to spot a malicious link, who are thoughtful about their passwords and diligent about their downloads, are less likely to introduce malicious elements into the system.

Teachers need not shoulder this burden alone. In addition to engaging with IT staff, teachers can turn to parents as partners in security. With more kids working on devices at home—devices that may connect back to school networks—educators and parents should be collaborating to ensure classroom best practices remain in force in remote learning scenarios.

“Ultimately, teachers and parents must maintain an active awareness of how students are using remote learning tools and platforms in order to keep them—and school systems—safe,” Joffe says.

Adam Stone is a seasoned journalist with 20+ years’ experience. He covers education, technology, government and the military, along with diverse other topics.

can i buy cbd gummies at circle k in phoenix cbd for arthritis eating cbd gummies hemp garden organic cbd gummies where can i find cbd gummies near me how cbd gummies are made how long do cbd gummies work cbd for muscle soreness are cbd gummies legal in nc jimmy buffett cbd gummies website biokenetic labs cbd gummies are cbd gummies legal in oklahoma cbd gummies vs cbd oil best cbd oil for neuropathy cbd gummies for sleep tn king of jewels cbd gummies cbd gummies by wholesale cbd gummies for sale pa how many cbd gummies can i eat a day where to buy cbd gummies in springfield tn is smoking cbd bad for you how long do cbd gummies to kick in cat cbd for anxiety green wisconsin cbd gummies

how to make i love you pop up cards pop up card balloon template printable pop up cards mothers day handmade birthday cards process credit cards for pop up shop paper card pop up guitar cards pop up rocking rectangle how to make a pop up heart card step by step 1998 marilyn monroe pop up greeting cards price pop up friend card templete lawn fawn pop up halloween cards mothers day pop up cards craft how to make up pop up christmas cards birthday pop up card template we will miss you pop up cards wink greeting cards welcome back pop up card pop up card 4 zoo animals in a car pop up card pineapple pop up new year cards 3d flower pop up card tutorial step by step pop out valentines day cards for kids book of pop up flowers arrangements pop up cards for thanksgiving on pinterest

mango africano diet pills what are the best over the counter diet pills top ephedra diet pills do weight loss pills raise blood pressure weight loss and progesterone pills energy all day keto pills pills for weight loss that are safe with afib medical grade weight loss pills weight loss free pills xenadrine diet pills and diabetes new tv ads for weight loss pills do green tea pills work to lose weight diet pills that help belly fat diet pills leptin diet pills drinking a gallon of water a day taking fiber pills on keto brand name diet pills starting with sun weight loss pills 10 lbs in 3 days diet pills watchdog 1st phorm st louis mo black rjs diet pills keto health pills diet pills uk 2021 most effective fat burning supplements capsaicin pills weight loss

totally free male enhancement pills how to use penis enlargement pills volume male enhancement pills side effects what sex pills actually work yahoo answers pills for erectile dysfunction walmart pills to lengthen my penis blue pills erectile dysfunction best pills for erections a way to tret erectile dysfunction with out pills erection sex pills best pills for increasing size of penis superior source sex drive pills nitric oxide supplements erection femdom mistress penis pills american sex pills rank over the counter male enhancement pills gold capsule from china 10 000 pec sex pills do penis enlargement pills actally work does the gastation sex pills male supplements for ed red sexual enhancement pills in retail stores chinese male enhancement pills suppliers how to make sexual enhancement pills adams secret male enhancement pills side effects