A student in the U.K. hacks into their teacher’s computer to change grades. The same password was used to access multiple accounts and student hacking was among the incidents that prompted the Government Communications Headquarters of the U.K. to provide cybersecurity training to school staff. After obtaining the password, the student was able to access more than 20,000 records and change their marks, the GCHQ National Cyber Security Center said. The incident, which led to the school’s disciplinary action by the Office of the Information Commissioner, is being used as one of four actual courses being conducted as part of the Government’s new training program. The program has been launched and school staff is urged to take part in this free training to improve their protection against cyberattack.
Data shows that 83 percent of schools are experiencing some form of security by 2019 and less than half of schools say they are confident and they are ready for cyber-attacks. The study also revealed that only a third of schools train non-IT staff in cybersecurity. In addition, it has been shown that there is a much lower use of strict cybersecurity practices such as two-factor authentication. Another case study from the training details how an unencrypted USB drive containing sensitive student’s data was lost after it was taken off school grounds. The drive was eventually found by a member of the public who returned it to school.
Sarah Lyons, Deputy Director of NCSC Economic and Social Inclusion, said: ‘It is very important that schools and their staff understand their cyber threats and how they can better protect themselves online. ‘That’s why we’ve created a free training package, which offers effective cybersecurity measures to help busy professionals increase their self-defense. ‘By getting acquainted with this service, staff can help reduce the likelihood that key children’s education will be disrupted by perpetrators.’ The training, which is based on the major threats facing schools and highlights the impact of cyber incidents.
One study showing how the school lost its school fees after admission staff became victims of a crime of identity theft. After tricking a private school into sharing all the details with their parents, the parents were then emailed by criminals and sent their school fees into a new account by someone claiming to be from the school. This account is fraudulent and the details of the parents have also been sold for fraudulent purposes. So now teachers and entire school staff must know about cyber-security to protect themselves as well as their management system.
By Vedant Soni
Campus Ambassador, WCSF