Data has a lot of value to cybercriminals, and depending upon the kind of data, the results of a cyberattack can be more than expensive: they can be very invasive and cause problems decades into the future. One of the most targeted sources of data in the last few years (and significantly in 2020) has been Canadian public school boards.
No one likes to work harder than they must, and cybercriminals like low-hanging fruit as much as the next person. Unfortunately for school boards, they are low-hanging fruit. They have an excess of data, and they generally have minimal cybersecurity as well as small Information Technology teams. It is unlikely these teams are offered cybersecurity courses.
Perhaps the most horrid part of hacks on school boards is that data on minors is valuable and is often sold on the dark web. While this data can be used for baiting children and putting them into terrible situations, there is also a financial gain to be made beyond the sale of the data. Those who are involved in identity theft are able to create full identities around a child’s Social Insurance Number because there is no employment or lending data associated with it. This identity theft may not be discovered for years, at which time it is nearly impossible to track or correct because the breach is so old.
All organizations face different cyberattacks with different goals. Unlike attacks on businesses with e-commerce activities, the goal here is not capturing credit card numbers or falsifying purchases; it is accessing data. For Canadian school boards, this may be teacher and employee data and employment records, it may be student data and records, or it could be both. Additionally, the target may be the systems themselves that school boards need to make use of on a day-to-day basis. During COVID, the reliance that school boards, students and families have on electronic resources has grown exponentially, but without the necessary corresponding security measures being put in place. It is the ideal situation for hackers.
Cybercriminals target data for a wide range of reasons. You learned about one above – to create falsified identities on the clean records of minors. Another reason may be to capture the data and encrypt it so that it cannot be accessed by schools and authorized individuals. This is done as a form of blackmail, where large sums of money are demanded in exchange for the return of the data. If the hackers’ demands are not met, they usually begin releasing the data on the dark web.
This is often known as encryption malware. Cybercriminals will be “in” a school district’s network system for many days to take what they want, delete backup data and remove any security precautions before ever revealing their presence. It is something taught in CompTIA Security+ certification training. Another method of this type of hacking is disabling the apps students and teachers are using, in order to prevent online classes, remove resources and make various tools inaccessible.
In January 2021, the Peel District School Board (the region immediately west of Ontario) was brought to a grinding halt by a cybercriminal who had used encryption malware to essentially hold the data hostage. The district’s intranet was inaccessible, applications being used by classes were wiped out and students could not use the COVID reporting tool they were to enter data into prior to attending school in person.
While cybersecurity issues raise images of nefarious individuals in darkened rooms causing mayhem, some of the biggest challenges come from the most trustworthy of sources: the staff, teachers and students. When cybersecurity issues are not fully explained, people are easy targets for phishing strategies and for actions that leave networks open and vulnerable. Keeping networks safer is outlined in a CompTIA Network+ certification program.
Here too, we may think this is like the 2015 case in Calgary, where a 15-year-old student used unsophisticated methods to access grades, names and addresses, but the value of the data may see hackers with far more malicious intent gain access.