COVID-19 has dramatically changed educational systems. At the height of the pandemic, over 1.2 billion students around the world were unable to attend in-person classes. School systems around the world were forced to adopt online education out of necessity to help students keep up with their education and provide some level of normalcy during these unprecedented times.
At amazing speed, schools around the nation rose to the challenge and deployed millions of digital online learning tools to students. Edtech tools such as Google Classroom, Google Documents, Schoology, Canvas, Zoom, and others quickly became part of the online schooling toolset and part of the “new norm.” But what was the tradeoff in making this happen so quickly? In the effort to get all students online and not fall behind in their studies, were some steps overlooked?
Protecting Against Digital Footprints
When you post on your school’s learning management solution or social media platforms such as Snapchat, Instagram, or TikTok, you leave behind a digital footprint. This is considered an active digital footprint that lives forever on the internet. But there is another less often talked about digital footprint, the passive digital footprint. The passive digital footprint is the data trail that you unintentionally leave online. Examples of a passive digital footprint are websites that install cookies on your devices, apps and websites that use your geolocation, and social media platforms that use your likes, shares and comments.
Whether we want to call it digital breadcrumbs or digital exhaust, it shouldn’t be news to anyone that you leave a trail when working online. It should also not be a surprise that everyone from big business to cyber criminals utilize your digital footprint for their gain. Corporations are using your information for targeted, remarketing ads. It’s a lucrative business.
There has been a wave of legislation in the past couple years to help stem the tide of data collection. However, we know that no amount of legislation or regulation will dissuade cybercriminals as long as there is money to be made from mining your personal data. School systems and students are prime targets for cybercriminals. Students are the perfect targets because they are generally more naive in their approach to the world and are more likely to overshare information or click suspicious links in a phishing attack.
Students and Schools: Surprisingly Lucrative Targets for Cybercriminals
Students are lucrative targets for cybercriminals in two ways. The first is stolen identities, especially those without a credit history, which garner a high price – as high as $1,100 per identity on the dark web. The reason is that the stolen student’s identity might go unnoticed for years until it’s too late. Imagine the kind of damage that could be done to a stolen identity without a credit history.
The second huge bounty for cybercriminals is access to a school’s network, which is full of personal information about their students such as home address, birthdays and full names. A cybercriminal can often gain access to a school’s system through a student’s compromised email account. A student’s school email account is a prized asset because the account is often left unchecked for long periods of time. With access to the school’s network, a criminal can install malware for a larger sustained attack or hijack the system until a ransom is paid. For example, a school system of 115,000 students in Baltimore was brought to a halt due to a ransomware attack. What can school systems do to protect their student confidential information and online footprint?
School CIOs and CISOs must go beyond the standard content filtering practices to ensure the safety of students while operating on the internet. Technologies such as network obfuscation, varying network pathways through the internet, eliminating IP address and mis-attributing identity and locations of users have been used for a number of years to protect critical assets and cybersecurity specialists in military and intelligence operations. These technologies are now being commercialized to bring these critical cyber protection capabilities to the public. Implementing this next-generation cybersecurity technology will not only protect the privacy and security of students, but will ensure the learning organization’s critical enterprise network resources cannot be seen on the public internet by those who mean to do harm.
To learn more about how Telos Ghost can help protect your learning organization’s critical network resources with capabilities like these, visit www.telos.com/telos-ghost.