FBI Issues Public Service Announcement of Cyber Threats Related to Student Use of Educational Technologies
On September 13, 2018, the Federal Bureau of Investigation (FBI) released a public service announcement in an effort to increase awareness of the vulnerability of K-12 students to the threat of cyber attacks. According to the FBI, the rapid growth of U.S. schools using educational technologies and digital tools, particularly those connected to networked devices or directly connected to the internet, provide increased opportunities for “cyber-actors to access devices collecting data monitoring children within educational and home environments.” In particular, mobile devices, laptops, and tablets all may be improperly secured and pose additional avenues for exploitation by cybercriminals. The FBI warns that the improper use of sensitive personal data could result in social engineering, bullying, tracking, identity theft, or other means for targeting children.
While the FBI's involvement is certainly welcome, districts across the state have already been working hard to address these exact concerns at the local level. In particular, two of the most popular cyber attack strategies, ransomware attacks and phishing scams, continue to negatively impact school districts statewide.
Ransomware is a type of malware, which once on a device, encrypts the owner’s files and demands a ransom in return for the decryption key. Ransomware is typically expanded through malicious attachments or links sent in emails.
Phishing scams are typically carried out over email, but may also come from social media or SMS. Attackers will send an email that appears to be from a legitimate source, or from someone the user knows personally, asking users to send along sensitive information or to enter their login credentials on a fake site.
As a reminder, districts should implement the following practices in an effort to minimize any security breach from ransomware and phishing attacks.
- School districts should have secure email gateways in place to detect and block messages from malicious accounts. Additionally, schools should implement or update firewalls within their networks.
- Train all staff with access to personally identifying information to protect data confidentiality and preserve system security.
- Develop an assessment process and checklist followed by the development of a district-wide cybersecurity plan that includes preventative measures and responses for common and known threats.
- Regularly provide data security to help in creating a culture of security in the district.
If you have questions about this or other school safety-related issues, please contact Nancy Mullett at (616) 608-1147 or another member of Clark Hill’s Education Law group.
The Current Whipsaw in Labor Law: Recent NLRB Developments and the Direction of the Biden Administration
While President Biden makes historic decisions, such as the firing of the NLRB’s General Counsel in January, many employers are wondering what impact “Biden’s NLRB” will have on their workforce. As new board members are confirmed, what changes should employers expect from the new NLRB?
FAQs: Mandatory COVID-19 Vaccines and the Automotive & Manufacturing Industries
Join us for a presentation where we will share the considerations, implications, and answer your frequently asked questions surrounding the implementation of mandatory COVID-19 vaccines.
Supreme Court of Pennsylvania Finds Objection to Affidavit of Service Requirement for a Perfected Mechanics’ Lien Was Not Waived Even if First Raised 5 Years Later
Mechanic’s lien claims, unlike other actions, are created by statute and, as a result, Pennsylvania courts require strict compliance with the statutory requirements to perfect the lien or risk the dismissal of the claim.