BOSTON — As students go back to class, for the most part in a hybrid format, one of the main concerns for their parents and schools is online security.
A recent study from data research company Comparitech shows that, in the last 15 years, Massachusetts has had 44 data breaches in schools and colleges, affecting almost 2 million records.
But let’s face it, 2020 has made our world more digital than ever and those numbers are only going up.
In the last month, we’ve seen virtual meetings hijacked in Westwood & Newburyport.
“There were vulgar messages and they also created antisemitic symbols and racial epithets,” said Newburyport Superintendant Sean Gallagher.
Taunton second-graders were also forced to watch an older student perform a sex act on camera.
“Some of the kids were horrified,” said Taunton parent Bobby Higgins. “They had their hands over their faces.”
But experts say that, with everything going remote in 2020, we’ll likely see even more hacks in schools.
Take a look at this global chart showing a 30-day stretch this summer with almost 10 million reported malware encounters. Hackers targeted education more than all these other industries combined. The top three education threats are Adware, whereas in all other industries there’s more hacking, money skimming, or backdoor attacks.
“What hopefully will come from this is that schools will be almost forced into looking at their cybersecurity policies,” said Comparitech researcher Rebecca Moody.
The hacks could be for monetary gain or just to wreak havoc on school systems to perhaps delay reopening.
“We’ve actually seen in recent weeks the doubling of the amount of the malicious domains compared to previous weeks,” said Mark Ostrowski of Check Point Software. “So it’s all gearing up right for the beginning of school.”
New research that Check Point just released found that the average number of weekly attacks per organization in the academic sector in July-August increased by 30%.
Even with the hybrid learning model most schools are doing, some families will choose to stay fully remote. At Benjamin Banneker Charter for example, only about a third of students are coming into the classroom. Still, for the other two thirds of students, it’s important to remember the school is still responsible for their online safety.
“We had to essentially get a new content filter to protect the kids from inappropriate content online,” said Jared J. Perrine, M.Ed. Benjamin Banneker Charter Public School Director of Innovation, Technology, and Digital Learning.
“We use Bark so we can get notifications if a student is being bullied or if the students are writing about any kind of self-harm and things like that.”
While Bark is free to schools nationwide, not all technology is. That leaves some of the poorer school districts with fewer resources to adequately protect kids, which sadly is a catch 22.
“It could end up costing money long term if you don’t invest in those kinds of solutions right,” said Perrine.
“The biggest lesson learned was to triple-check to make sure we are creating a safe space for everyone especially people at home,” said Gallagher. “This was a negative reminder there are people out there trying to create a divide.”
The tech experts say it comes down to the districts to educate their staff as well as parents about multi-factor authentication, anti-ransomware technologies, changing the password on your home router, not clicking on unknown links, making sure teachers aren’t finding random free tools on the internet to use with their students.
After Westwood high school who had a class “Zoom bombed” last week, it left some parents wondering if Zoom is safe.
“The analogy I like to use for anyone of these collaboration platforms is that we get in our cars every day and we run our errands, but there are guidelines that we follow, the speed limit, we put our seat belt on, so Zoom is the same way,” said Ostrowski.
Here’s what Westwood schools are doing differently according to a letter sent home from Superintendent Emily Parks:
"Specifically, we will be changing the settings in our Zoom account so that users must be authenticated in order to get into the meetings. This means that only individuals who are logged in using a WPS account can be admitted. This should not pose any issues with our students in grades 2 -12 since, by default, they are already logged in with the Westwood G-Suite account. For our Pre K, Kindergarten, and Grade 1 students, we will be developing a way for them to authenticate to their Zoom meetings and communicating that method directly to parents.
In addition, we have enacted the following for security measures and practices:
- As of this morning, we have locked the settings on the district’s Zoom account to require the waiting room feature on all Zoom calls.
- Staff members will not let anyone in from the waiting room without first verifying their identity.
- If they see a name in the waiting room they do not recognize, they will send a message to the waiting room letting the person(s) know that they aren’t able to identify them, and remind them to use their Westwood login information or contact building tech support if they are having technical issues logging in.
- We have limited virtual backgrounds to a handful of district, pre-approved backgrounds.
- Teachers will remind students to not publicly share Zoom links or credentials for their meetings.
Download the free Boston 25 News app for up-to-the-minute push alerts