Over three dozen schools across the country have fallen victim to attacks by cyberthieves this year alone: Paychecks and data are being stolen, and networks are being taken over to extort money.
Schools are rushing to increase the use of technology in the classroom but aren’t taking the proper precautions to keep data secure. Cyber experts say that schools need to make sure anti-virus software is up to date, back up files, and provide training on computer security to be protected. Failure to do so makes them perfect targets for hackers.
The amount of student information that hackers have access to is alarming:
- Full names and addresses
- Social security numbers
- Academic performance
- Phone numbers
- Medical and discipline records
The data is released in a plethora of demands and actions that continue to escalate. Going against FBI advice, some districts are surrendering by paying ransoms demanded by the hackers. Jennifer Fong Borucki, a spokeswoman for Los Angeles Valley College, explains that failure to pay would essentially mean the loss of all data. The school paid $28,000 in ransom to cyberthieves in January. Horry County’s executive director of technology Charles Hucks, alleged that the near $10,000 ransom payment to hackers is nothing compared to each day the schools were unable to access the content and files created by 43,000 students and over 4,000 faculty members. Lauren Hagee, a spokeswoman with the FBI division in Dallas, stated, “We don’t condone the payment of ransom; however we understand that certain business decisions have to be made”.
The hackers gain access in many ways, such as sending users infected programs, links and emails. Upon opening, the information is readily available to cyber criminals who use it for multiple ventures such as creating fake identities using student information to be sold on the black market.
Payroll checks are also being stolen as hackers reroute staff direct deposits into unauthorized accounts. A combined $56,000 was stolen from 27 employees at Atlanta Public schools in a similar scenario last month. An example of how hackers are able to pull off such a scheme is an incident in Georgia’s Fulton County in August: 46 employees were tricked into providing login credentials via deceptive emails and the information was then used to reroute direct deposits onto refillable money cards.
According to the FBI’s Internet Crime Complaint Center, victim losses increased from $1.62 million in 2015, to $2.43 million in 2016. A report from Gemalto stated that the number of breeches in the education sector more than doubled in the first 6 months of 2017. The estimated 32 million records involved in the first half of the year is up 4,957 percent compared to the last half of 2016, where just 641,000 records were involved.
Hackers don’t discriminate against public or private institutions, and will strike anywhere from elementary schools though college. Take the few extra steps to prevent a disaster. Student Accident coverage is a risk-management solution that ensures security and peace of mind for all.