Every two weeks, Keeping K-12 Cybersecure–the newsletter of the K-12 Cybersecurity Resource Center–curates the best cybersecurity and privacy news for K-12 policymakers, administrators, IT professionals, and privacy advocates. The latest edition (“No Emails for You!“) provides information on recent updates to the K-12 Cyber Incident Map, other additions to the Resource Center, and curated news you can use.
Here’s your reading list for articles published during the last two weeks of November 2018:
- No emails for you! I get why this school district is making it harder for scammers to scrape their website for teacher email addresses (“Campbell County Schools to remove emails from website to increase cybersecurity“), but restricting the ability of parents to reach teachers seems like maybe it is going too far. What do you think?
- An Indiana school district recently lost a legal battle with a New York bank to recover more than $120,000 stolen two years ago by an offshore computer hacker who compromised a district employee’s email account (“Lake Ridge Schools loses suit to recover $120,000 missing after hacking incident“). The incident was previously reported on the K-12 Cyber Incident Map. More details on the incident here.
- Courtesy of r/k12sysadmin: “trying to find a botnet in the [school district] network… any help is appreciated.”
- US law enforcement believe they have identified criminal hackers responsible for a spate of ransomware attacks on schools and other organizations (“US charges Iranian ‘SamSam’ hackers“).
- There is nothing uniquely American about school technology challenges. Consider three recent news stories out of the UK: (1) Schools in the UK reported 703 data breaches to the Information Commissioner’s Office (ICO) in 2016-17; (2) Dad demands Essex Police probe after Ormiston Rivers Academy pupils’ data is hacked; (3) Insurer warns parents to be on the lookout for cyber criminals targeting school fees.
- The Wall Street Journal ($) reports that in a letter to New York State Education Commissioner MaryEllen Elia, the Office of the State Comptroller said that her department had failed to take sufficient steps to secure its computer information systems for more than a year, leaving students’ personal data at risk of hacking (“Audit Says State Education Department Must Do More to Prevent Hacks of Student Data“).
- Doug Johnson writes about the many shifts he has seen over the years as a school technology leader (“7 Changing Responsibilities of the School CIO“). Among them: “aggressively addressing data security and privacy issues in schools.”
- From MA comes a story (“Tech Director Looks To Protect Sandwich Schools From Cyber Attacks“) of a school technology leader going before his school board to advocate for new technology resources and policies to address cybersecurity concerns.
- While I can’t vouch for any of the other trends in the article, it is important to note the rising importance of K-12 cybersecurity issues more broadly (“Top 5 Digital Transformation Trends In Education For 2019“).
- Words to live by: make sure school technology devices aren’t exposed on the open internet (“Hack Brief: Printers Were Exploited for PewDiePie Propaganda“).
Be sure to check out the full newsletter and sign-up to ensure you get all the latest news direct to your inbox. And, as always, please contact us with any feedback, tips, or suggestions.