FBI Issues Public Service Announcement of Cyber Threats Related to Student Use of Educational Technologies
On September 13, 2018, the Federal Bureau of Investigation (FBI) released a public service announcement in an effort to increase awareness of the vulnerability of K-12 students to the threat of cyber attacks. According to the FBI, the rapid growth of U.S. schools using educational technologies and digital tools, particularly those connected to networked devices or directly connected to the internet, provide increased opportunities for “cyber-actors to access devices collecting data monitoring children within educational and home environments.” In particular, mobile devices, laptops, and tablets all may be improperly secured and pose additional avenues for exploitation by cybercriminals. The FBI warns that the improper use of sensitive personal data could result in social engineering, bullying, tracking, identity theft, or other means for targeting children.
While the FBI's involvement is certainly welcome, districts across the state have already been working hard to address these exact concerns at the local level. In particular, two of the most popular cyber attack strategies, ransomware attacks and phishing scams, continue to negatively impact school districts statewide.
Ransomware is a type of malware, which once on a device, encrypts the owner’s files and demands a ransom in return for the decryption key. Ransomware is typically expanded through malicious attachments or links sent in emails.
Phishing scams are typically carried out over email, but may also come from social media or SMS. Attackers will send an email that appears to be from a legitimate source, or from someone the user knows personally, asking users to send along sensitive information or to enter their login credentials on a fake site.
As a reminder, districts should implement the following practices in an effort to minimize any security breach from ransomware and phishing attacks.
- School districts should have secure email gateways in place to detect and block messages from malicious accounts. Additionally, schools should implement or update firewalls within their networks.
- Train all staff with access to personally identifying information to protect data confidentiality and preserve system security.
- Develop an assessment process and checklist followed by the development of a district-wide cybersecurity plan that includes preventative measures and responses for common and known threats.
- Regularly provide data security to help in creating a culture of security in the district.
If you have questions about this or other school safety-related issues, please contact Nancy Mullett at (616) 608-1147 or another member of Clark Hill’s Education Law group.
Joint Considerations for Cannabis Industry Employers
During this webinar, we will discuss employment and benefits issues that employers in the cannabis industry face as they form and grow their businesses.
2022 Projections in the North American Auto Industry
2021 was challenging for the auto industry in Mexico and the United States, and 2022 is similarly projected.
Leaders in the automotive and manufacturing industries will benefit from a panel discussion where their industry peers and Clark Hill attorneys will discuss the key legal and supply chain issues.
2022 California Labor & Employment Conference
From new regulations regarding COVID-19 to critical employee rights updates, join us to keep your business prepared and in compliance.