Recently, the Federal Bureau of Investigation (FBI) warned schools about an increase in ransomware attacks during the pandemic, with attackers exploiting Remote Desktop Protocol (RDP) connections that allow school employees to log in to district servers remotely.
While the FBI’s alert is worrisome in its own right, it’s not the issue that keeps K-12 cyber security expert Doug Levin up at night.
Levin, a former director of the State Educational Technology Directors Association who now heads the consulting firm EdTech Strategies, is more concerned about what happens when millions of devices that have been removed from the protection of school district firewalls for five months are reconnected to district networks in August.
“Unless students, teachers, and administrators are IT experts, it’s not out of the realm of possibility that they have had malware introduced to their device,” Levin says. “We have seen a spike in the number of COVID-related phishing scams, and malware can be introduced through the sites that users have visited, the links they have clicked on, or the material they’ve downloaded — and also through home routers that aren’t very secure. If you got your router from Best Buy or the cable company, you might not have changed the settings on it. Bad guys know that, and they look for devices they can compromise.”
He adds: “What I worry about is that when all those devices are reintroduced to school district networks, they’ll pass along malware or ransomware.”
Remote learning’s IT security challenges
The sudden shift to remote learning this past spring brought many challenges, including how to keep devices and networks secure.