Cyberattacks & Virtual Learning

By Emily Short

Cyberattacks & Virtual Learning

Zoom, and other video conferencing tools, skyrocketed into the spotlight this spring when the COVID-19 pandemic forced schools (and businesses) to find ways to coordinate virtual learning.  As schools grapple with starting the 2020 school year, discussions around virtual learning have once again heated up.

Due to stay-at-home orders issued earlier this year throughout the nation, thousands of schools were expected to move from in-person learning environments to remote ones, with little warning and little training for teachers and administrators.  This rapid shift led to the implementation of unfamiliar technologies, and in some cases, these technologies were not the most privacy-friendly.

Recognizing the threat posed by virtual learning, the FBI issued a public service announcement in April warning that cybercriminals would likely take advantage of the pandemic, and would exploit the increased use of virtual environments.  The alert stated, in part, “[t]oday’s rapid incorporation of education technology (edtech) and online learning could have privacy and safety implications if students’ online activity is not closely monitored . . . . Cyber actors exploit vulnerabilities in these systems to steal sensitive information, target individuals and businesses performing financial transactions, and engage in extortion.”

The alert came shortly after the FBI warned the public about the hacking of virtual meetings, also known as “Zoombombing.”  Zoombombing, which now has its own Wikipedia page, “is the unwanted intrusion into a video conference call by an individual, causing disruption.”  Sometimes, the “bomber” just wants to disrupt a meeting and gain some laughs; other times, they have utilized racial slurs, profanity, and even pornography.

In April, a number of school districts, including the New York City Department of Education, announced they would no longer utilize Zoom for conducting meetings and online educational sessions due to security and privacy risks.  Since then, Zoom has rolled out a number of new security measures, including stronger encryption protections and two-factor authentication.  The NYCDE has since reversed course on the ban.

These security enhancements go a long way towards easing parental concerns, but no virtual platform is 100% secure.  Cybercriminals will continue to attempt to exploit opportunities stemming from the COVID-19 pandemic.

As teachers and parents attempt to navigate the new normal, here are some tips for keeping your next Zoom meetings safe:

  1. Protect your account from the start. Make sure to use a strong and unique password when setting up your Zoom account.  Don’t re-use passwords!
  2. Protect each meeting with a password. Zoom recently turned on password protection by default – just make sure you don’t publish the password on social media or other public sites.
  3. Enable waiting room. The waiting room feature is also a recent default setting, which puts participants in a “waiting room” until the host approves each one.  It also permits the host to kick out any unwanted participants.
  4. Limit the ability to screen-share. Unless otherwise needed, it’s best to limit the screen-sharing capabilities to the host.
  5. Lock your meeting. Once all confirmed participants have joined, “lock” your meeting.  This prevents others from joining even if they have the meeting ID and password.
Beyond Zoom

Concerns related to privacy don’t stop with Zoom though.  Schools must now be prepared to respond to cyberattacks in all forms – zoombombing, ransomware attacks, and theft of personally identifiable information will be top of mind this fall.

As if the first week of school isn’t challenging enough, a Connecticut school district was forced to postpone the first day after a ransomware attack caused an outage of critical systems.  The Clark County school district in Nevada also experienced a ransomware attack during its first week, potentially exposing personal data.

In Virginia, the Fairfax County Public Schools (FCPS) suffered a ransomware attack at the hands of the Maze group.  Although the school district said the incident didn’t disrupt online learning, the Maze group claims to have stolen personally identifiable information from FCPS and has published some of the data online as proof.  In such cases, the school must attempt to respond to both computer and network disruptions and the loss of personally identifiable information, which often escalates the desire to pay the ransom.  FCPS is currently working with the FBI and cyber consultants to investigate and determine the scope of any potential data breach.

Unfortunately, these are not isolated events; according to Recorded Future, there have been nine cyberattacks against school districts in July, August, and so far in September.  School districts will continue to face more complex cyber threats and should be prepared to respond to potential incidents as virtual learning opens more points of access.  Managing the network to protect again ransomware attacks and data breaches is paramount.