Safety & Security (Prepare and Be Aware)
Cyber Criminals Are After Your Schools
- By Michael Fickes
- January 1st, 2018
PHOTO © BOB MICAL
“Good grief,” as Charlie Brown says. “What’s wrong with all of our computers?”
Could be cyber vandals.
Cyber vandals are out there, and they just may stumble into a system in one of your schools. If that happens, and you have no defenses, you’re in for a world of trouble.
“Oh, it probably won’t happen at my school,” you say. “If it does, our IT department can handle it.”
Perhaps. Certainly, it used to be true that IT departments could handle the irritating, but relatively small problems posed by hackers. However it’s different today. Ask your IT director. Today, an attacker can hit your system from any of several directions using automated hacking technology capable of causing tremendous damage.
“Today, hackers use automated BOTs to search the Internet for systems to break into,” says Michael Kaiser, executive director of the Washington, D.C.-based National Cyber Security Alliance (NCSA), a company that helps clients develop cyber security systems and cultures.
“When an automated hacker BOT comes across a system with weak defenses, it reports back to its hacker boss,” continues Kaiser.
A BOT is a form of software designed to automate tasks on the Internet. BOTs directed by hackers can automate the process of finding and attacking computers and computer systems.
Even a well-defended system can become vulnerable. Suppose someone plugs an extra printer into the system to handle a school disrict’s burgeoning work load. “The old thinking was that it is just a printer; plug it in,” says Rory V. Sanchez, CEO of West Palm Beach, Fla.-based SL Powers. “But if it is unsecured, it will offer a path into the network for anyone that knows how to walk that path.”
In a junior high or high school, students can be the weak links. They bring their own devices and plug into the network—whether
school policy allows it or not.
Some schools, of course, require students to upload homework assignments to their own thumb-drives, complete the work and make submissions through USB ports feeding district systems.
The trouble is, the students’ computers and other devices could carry infections picked up from online connections at their homes.
And, of course, students, teachers, and administrators use the network system day in and day out. That’s what the system is for, isn’t it? Hackers can take advantage of that.
“Not long ago, in a school district with 55,000 students, a teacher received an email from an unknown sender and, without thinking, clicked on a link, which turned out to be a hacker BOT,” says Glenn Meeks, president of Cary, N.C.-based Meeks Professional Services, a company that implements technology into educational environments.
“The BOT took over the device and signaled a hacker, who then took over that device as well as other devices and carried out a denial of service attack against the district’s computer network.”
In a denial of service or DOS attack, the attacker sends thousands of empty emails to a system server or specific URL. The massive email traffic overwhelms the system. In this case, the Internet managers had to remove the district’s domain name from the Internet until the problem was fixed. Removing the domain name stopped the attack.
It took two days to fix the problem by clearing the email system and the affected computers. During that period, the district had no network service.
For two full days, then, none of the students, teachers, or administrators had access to apps, subscriptions, or digital content.
How Can You Protect Your School?
Kaiser suggests five practices, which he calls cyber hygiene, to help protect school computer systems.
“This is an approach that can help keep your computers safe. Try to look at it as less of a hassle and more of a way to help give students skills that will likely be required later in life in their jobs,” says Kaiser.
Five Steps to Safe Computer Use in School
1. Keep the computers clean—that is free of viruses. Scan them all regularly and get rid of any intruding malware before an attack can be mounted.
2. Make sure that all software is up-to-date on all equipment using the network. Kaiser says that old software versions make easy targets for hackers and malware.
3. Analyze your log-in procedures. Make sure you are using strong authentication procedures. Students, teachers, and administrators alike may not like it, but multifactor authentication is a recommended practice today. Intruders can make quick work of single factor authentication. It’s important to make your system so difficult to crack that a would-be intruder won’t even want to try—he or she will simply start looking for an easier target.
4. “Share with care,” says Kaiser. “Tell users not to offer too much personal information. Intruders know how to analyze that kind of information looking for keys that will enable them to manipulate processes and break in.”
5. “Finally, we are strong advocates of creating a culture of cyber security,” says Kaiser. “To do that, the security director needs to organize and run regular meetings with staff and students, continues Kaiser. The meetings would provide awareness training about procedures that are acceptable, while shining a light on dangerous procedures that might invite hackers.”
Consultant Meeks also favors balance. “It’s important to balance the need for security against the needs of students searching for information on the web,” he says. “The way to create balance between security and access is by managing access—blocking some websites and allowing access to others.”
Rory Sanchez agrees, noting that IT people often seem like enemies. They arrive, install devices and procedures, and the system slows down. Today, we have to use devices and procedures that provide an appropriate level of antivirus and personal firewall production, he observes. It is important to install and monitor the continued use of these precautions from the beginning of the semester—it takes time and costs money, but the risks require it.
“In addition, you have to manage the contents of the devices used by students, teachers, and administrators. Every night, devices go home with their users. There are few, if any, controls on home networks. So viruses come back to school in the morning.
The Best Protection
Sanchez points to a security model called VDI or virtual desktop infrastructure. “This is the best and most secure set-up I’ve seen used in schools,” he says. “With this system, there is no direct connection between individual computers used by students, teachers, and administrators and the Internet. Their computers can only access the virtual desktop, which does access the Internet—under highly controlled conditions.”
The virtual desktop provides everything from the Internet that school users might need. When a virtual desktop undergoes a virus attack, the IT department simply deletes that virtual desktop and opens another.
“With virtual desktop technology, you can work in a contained, secure environment,” Sanchez says.
Of course, virtual desktop technology isn’t perfect. It comes at costs that many districts will find difficult to afford. Still, the service is valuable. Cyber vandals will find it much more difficult to get into a school IT system and rummage around, which, of course, can be expensive as well as disastrous.
This article originally appeared in the January 2018 issue of School Planning & Management.