Reading Time: ~ 3 min.

Our kids are more connected than any previous generation. From the moment they wake up, they have an instant connection to the internet through phones, tablets, and laptops. The internet is also now an important part of their learning experience, and many parents often assume that cybersecurity has risen as a priority for school administrators. But with many institutions struggling to modernize legacy systems, that assumption puts our children’s security at risk. Here are the top threats to cybersecurity in schools and how to protect against them, so you can send your kids out the door knowing they’re safe and secure. 

Learn how VPNs help safeguard your data and can enable private and anonymous web browsing.

Unsecured School WiFi

Many school WiFi networks are as vulnerable as any public network at a coffee shop or airport. In an attempt to secure WiFi networks in K-12 environments, many schools use pre-shared key (PSK) authentication. PSK authentication is the practice of sharing a single WiFi password with network users in order to grant access. This password often makes its way onto unauthorized devices, granting potentially malicious users access to the school’s network, and to your child’s digital footprint.

Weak Cybersecurity Practices

A school’s cybersecurity defense plan is only as strong as its weakest link, and that weak link is often the plan’s users and overseers. According to Verizon’s 2019 Data Breach Investigation Report, a startling 35% of all education sector data breaches were caused by human error. Mistakes as simple as using discontinued or out-of-date software can leave entire school systems vulnerable—even at prestigious institutions like Stanford University. Because Stanford was using discontinued software called NolijWeb, a white hat hacker was able to exploit a security flaw that left sensitive student data easily accessed through a simple change to a numeric ID in a URL. While exploring the scope of the vulnerability, 81 students’ private data was exposed, including information like Social Security numbers, citizenship status, criminal status, standardized test scores, ethnicity, and home addresses.

Targeted Cybersecurity Attacks

Due to the highly
sensitive data stored within their systems, education IT infrastructure is consistently a top target for
cybercriminals. K-12 school systems and higher education saw more than 48 million records exposed through data breaches in 2017 and
2018 alone. The threat has become a large enough issue that the FBI has
released a public service announcement warning that the education sector
was one of those most frequently targeted by social engineering schemes and
phishing attacks. 

Beyond traditional cyber threats, schools often face a unique adversary—the students themselves. The Joint Information Systems Committee (JISC) recently conducted a survey that examined more than 850 cyberattacks against schools and concluded that a majority of those incidents had been perpetrated by students or school staff. Although an attacker who targets a school so that they won’t have to take a test may not be as costly as one that targets student data, it still can grind a school system to a halt.

How to Protect Your Student’s Cybersecurity

can you protect your child’s cybersecurity while they are at school? Get
involved. Ask the school’s administrators about their cybersecurity policy. Ask
about their strength of their firewalls, their
email security measures, and the amount of encryption applied to the data
storage systems. If you’re not satisfied with their measures, be your child’s
cybersecurity advocate.

you may have limited control over any school-provided devices, you can secure your
child’s personal devices behind a trusted VPN (though they
must know how to use it first). This will wrap your child’s data in a tunnel
of encryption, protecting them from prying eyes wherever they go. In some
cases, VPNs can prevent access to testing and curriculum sites on school
networks, so students should know how to connect and disconnect to their VPN at

Most importantly, teach
your child to be aware of the risks of cybercrime and how to combat them. Help
them understand how a VPN and other measures can keep them safe, how to
recognize phishing attacks, and why they should always be vigilant. Your child
knows to wear a seatbelt when riding in someone else’s car, they should also
know how to stay safe online, whether at home, school, or a friend’s house.

The key to truly
protecting your children from potential cybersecurity threats is education,
both for yourself and for your family. Follow us on Facebook and Twitter to stay up to date on the latest risk reports and security tips.

The post Cybersecurity in Schools: What Families Need to Know appeared first on Webroot Blog.