Cybersecurity in Education: What Every School Should Know

Cybersecurity in Education: What Every School Should Know

October is Cybersecurity Awareness month. Cyberattacks have been more prevalent in schools, with 408 disclosed attacks in 2020. What can your school do to prevent falling victim to these attacks? What are the most common threats to cybersecurity in education? Today, we’ll answer both questions.


Why Cyberattacks are on the Rise in Schools

The increase of cyberattacks can be attributed to several factors. Schools are viewed as soft and easy targets. Administrators have incorrectly believed that schools have nothing of value or worthy of taking by cyber criminals. More importantly, many schools lack the resources to build a robust cybersecurity program. Often, there isn’t a full-time employee dedicated to cybersecurity. Beyond that, districts often lack employees that have the knowledge and expertise in cybersecurity.

The pandemic also uncovered cybersecurity vulnerabilities. As schools rushed to introduce new technologies for remote learning, it created security gaps. Many schools dealt with videobombing and phishing scams.


Types of Cybersecurity Threats

Here are the most common cybersecurity threats:


Data Breach

As the name implies, a data breach is a leak of sensitive information from a secure to unsecure environment. Whether data is copied or transmitted, it is then used in an unauthorized manner. Generally, the type of information breached is confidential, like student records.


Spoofing & Phishing

Spoofing is essentially a forged email. It can appear to come from a well-known and reputable organization. Upon closer inspection, its sender is someone else entirely.

Phishing is another email scam. The sender falsely poses as a legitimate organization in the attempt to obtain sensitive information (passwords, credit cards, bank information).

Spear phishing is a type of targeted phishing. These appear to be from someone you know with a reasonable request. Upon closer inspection of the email address, you can see that the sender is unknown.


Malware, Scareware & Ransomware

Malware is software that is intentionally designed to disrupt, damage, or gain unauthorized access to a computer, server, or network. Systems can become infected when users download malware disguised as legitimate software online, through peer-to-peer sharing, or via email.

Scareware is a type of malware designed to trick users into buying unnecessary and potentially harmful software. Scareware is socially engineered to cause shock, anxiety, fear, or the perception of a threat.

Another type of malware, ransomware encrypts users’ files then demands the payment of a ransom for users to regain access to their data. Mainly delivered via spoofing or phishing scams, it can also include an element of extortion—releasing user data or images of the victim is threatened if the ransom is not paid.


Denial of Service

Denial of Service (DoS) attacks intentionally overload or disrupt servers to make a website, machine, or network unavailable. While DoS don’t typically result in data theft, they can cost the victim a significant amount of time and money.


Outdated Software

A more passive attack, outdated software creates vulnerabilities where unauthorized users can gain access to networks.


Removable Media

Perhaps not as prevalent today but still a risk in schools, removable media (USB drives, external hard drives, DVDs/CDs) can pose cybersecurity challenges. Easily stolen, these devices can be manipulated with malware. Corrupted devices can be intentionally or unknowingly connected computers. Then, device files can infect computers or networks.


Safeguarding Your School Against Threats

Key to cybersecurity in education is protecting your school against cyberattacks. Here’s what your school can do to actively prevent cyberattacks.


Define & Promote Policies

Creating and promoting computer and internet usage policies can help insulate your school from cyberthreats. These policies, like an Acceptable Use Agreement, define acceptable terms of use for computer systems. They should include any local, state, or federal regulations about information security and privacy

Equally important is creating an Incident Response Procedure in the event of a cyberattack. This will define how to respond to the attack, including operation and communication guidelines.


Update OS & Software Regularly

One of the easiest ways to prevent cyberattacks is by keeping operating systems and software up to date. Updates provide vital security patches and enhancements to both operating systems and software. Maintaining updates can be your first line of defense against malware attacks.


Store Data Securely

Data should be stored securely and in compliance with the Family Educational Rights and Privacy Act (FERPA). This is particularly important with increased use of cloud systems. Data should be regularly backed up in the event of accidental or intentional corruption.


Educate Students & Faculty

Reaching young users is key in quelling the tide of cyberattacks. Do this by integrating a digital citizenship curriculum for students of all ages. Educating students on the nine elements of digital citizenship speaks to their role as a digital citizen and the responsible use of technology. Not only could this prevent future attacks from younger generations, but it can also alert young users to cyberthreats as well as how to correctly respond to such threats.

Educating staff and faculty about cybersecurity can prevent attacks that occur due to behavioral issues. Teaching the importance of strong passwords, multifactor authentication, and email etiquette can prevent these types of attacks. Training should be ongoing and sustainable.


AGParts Education has been in the classroom since the Chromebook revolution began, supporting Council Bluffs School District as one of Google’s first 1:1 pilot schools. Find out why 6,000+ US school districts, including Council Bluffs, trust us in Chromebook parts supply, tech buyback, and more. Contact us today to see how we can help your school district today.


9 Elements of Digital Citizenship

9 Elements of Digital Citizenship

More than 175,000 children go online for the first time every day and 1 out of 3 internet users are children. As part of internet safety for students, understanding the 9 elements of digital citizenship has never been more important.


Digital Citizenship & Digital Citizens Defined

Everyone who uses the internet and technology is a digital citizen. Through the use of the internet and technology, digital citizens engage in all aspects of society from politics to ecommerce to connection via social media.

Digital citizenship is engaging responsibly with technology, the internet, and its users. Every digital citizen should endeavor to follow the 9 elements of digital citizenship which lays guidelines for appropriate use.


Why is Digital Citizenship Important?

Only 7% of Americans never go online, with 25% of that small percentage being 65+. Couple this with the fact that 97% of Americans own a cell phone (of those, 85% own a smartphone) and practicing the 9 elements of digital citizenship has never been more important. It’s crucial we all do our part to make the internet the safest and most equitable place possible.

In 2019, 41% of American students had their own device through their school’s 1:1 computing program.  While that may seem like a modest percentage, that doesn’t address the schools where one device is available to five or fewer students. Nor does it address the increased demand for 1:1 programs or student devices following 2020.

Children are using technology at home, too. Although most believe that children should have their first smartphone later, the average age for a child to have their first smartphone is 10 years old. By age 8, 42% of US children have their own tablet. As technology and internet use continues to permeate our lives and younger generations, students must learn about digital citizenship at early age to ensure their responsible use of the internet and technology.


9 Elements of Digital Citizenship

There are 9 elements of digital citizenship that every digital citizen should be familiar with. They are:

1. Digital Access is the equitable distribution of technology and not only understanding who has access to technology, but the limitations and consequences to those who have limited access to technology.

2. Digital Commerce is the buying and selling of goods. This principle focuses on making safe and informed decisions when purchasing or downloading materials online.

3. Digital Communication is understanding the different modes and mediums of digital technology and when to appropriately use them. For example, understanding when sending an email is appropriate versus sending a text message.

4. Digital Etiquette is understanding appropriate code of conduct and procedures when using mobile devices. It extends beyond recognizing bad behavior in that it actively encourages appropriate and responsible behavior online.

5. Digital Literary or Fluency is the process of understanding technology, how to use it in its many forms, and how to adapt when new technologies are introduced. It also extends to internet usage and how to effectively search and evaluate information online.

6. Digital Health & Welfare is maintaining sound technological practices to promote physical and psychological wellness. Practicing eye safety and ergonomics, and balancing screen time and technology usage are all related to this important principle.

7. Digital Law is understanding and complying with online rules and policies, and how to use technology ethically. Digital law is broad and covers topics from spam to cyberbullying.

8. Digital Rights & Responsibility are the freedoms that extend to everyone online. Examples of this include right to privacy and free speech.

9. Digital Security & Privacy are electronic precautions to bolster online safety. Secure passwords, not sharing passwords, backing up data, and antivirus protection are all examples of this principle.


Digital Citizenship Resources

As we’ve established, introducing digital citizenship early is key. Equally important is teaching digital citizenship all year, every year. As students age, their online activities will change. What they learn in second grade is not what they will learn in ninth grade, which is why it’s important to teach this subject yearly.

There are many tools available to teach digital citizenship. Check out these helpful resources:

  • Common Sense Media offers free courses for all school-aged children
  • ITSE U offers a comprehensive digital citizenship course to equip teachers, coaches, and other leaders
  • Edutopia shares a complete guide of helpful blogs and videos about digital citizenship
  • Cyberwise offers free cyber civics resources for families


AGParts Education supports 6,000+ innovative 1:1 school districts in Chromebook parts supply and technology buyback. Contact us today to see how we can help your school.



Recent Comments