Keeping K-12 Cybersecure–the newsletter of the K-12 Cybersecurity Resource Center–curates the best cybersecurity and privacy news for K-12 policymakers, administrators, IT professionals, vendors, and privacy advocates. The latest edition (Keeping #K12CyberSecure [#22]: “Open for Business”) provides information on recent updates to the K-12 Cyber Incident Map, other additions to the Resource Center, informed commentary, and curated news you can use.
While there’s much more available in the newsletter itself, here’s a sampling of the must-read articles published since last edition:
- Schools are deploying massive digital surveillance systems: The results are alarming. Yes, they are, and, yes, it is.
- Insider threat has many faces: “Former principal gets 8 years for one-man crime wave.”
- In an incident previously reported by the K-12 Cybersecurity Resource Center, new reporting reveals that the Paterson (NJ) schools email system was compromised in 2017 (“Paterson schools email system was compromised in 2017, records show“) and they (still) have ‘almost no answers’ for who might have been responsible for the recent breach of 23,000 passwords in their care (“How did data breach that claimed 23,000 passwords occur? Paterson school district has almost no answers“). At least, they’ve moved on from threatening to sue the local newspaper for breaking the story.
- Documents show (some of) the cost of recovering from the Oklahoma City Public Schools ransomware attack: the totals add up to likely over $100k and climbing…. As Ben Franklin said: ““An ounce of prevention is worth a pound of cure.”
- Content filters are hard, part 814124: “Porn pops up on school-issued iPad after 9-year-old student searches for ‘bouncing balls.’”
- Some on-point advice via the law firm of Fisher & Phillips LLP: “Security Breaches In Schools: 10 Steps To Protect Your Information.”
- The New Jersey School Boards Association offers advice for school board members on how to protect student and employee data in the ‘cyber age’.”
- What a teen grade hacker’s confession can teach us. Kids these days…
- FYI: Grade hacking services are easily available online, per Kaspersky. This includes discussion fora and how-to guides and videos.
- According to the GAO, some federal agencies – including the U.S. Department of Education – are still running decades-old IT systems and have no plans to upgrade them. On the other hand, the good news is that the Department recently got above average grades in a recently released federal cybersecurity risk management study.
- Not something you see everyday: a warning from the NSA to patch your Windows computers (“NSA Cybersecurity Advisory: Patch Remote Desktop Services on Legacy Versions of Windows“). I’d say that is advice worth paying attention to.
Be sure to check out the full newsletter and sign-up to ensure you get all the latest news direct to your inbox. And, as always, please contact us with any feedback, tips, or suggestions.