Hackers have increased their efforts to get into databases and email of schools and other educational organizations, according to the Department of Education. The online thieves have begun attempts to get money in exchange for silence about student information. The trouble won’t go away. The best hackers have too many skills.
The Federal Student Aid branch of the Department reported:
Schools have long been targets for cyber thieves and criminals. We are writing to let you know of a new threat, where the criminals are seeking to extort money from school districts and other educational institutions on the threat of releasing sensitive data from student records. In some cases, this has included threats of violence, shaming, or bullying the children unless payment is received.
These attacks are being actively investigated by the FBI, and it is important to note that none of the threats of violence have thus far been judged to be credible. At least three states have been affected.
The targets tend to have weak data systems, the report said in a comment on the obvious.
The reports further suggest that employees be better trained to see the signs of hacking, that “vulnerable systems” be updated and limit the access outsiders have to information. All of these have been “best practices” for years, although the report does not say that.
Schools and school districts are among a long list of private and public organizations with data that has been or likely will be compromised. The most well-known recent example is the huge hack that affected 145 million personal records held by Equifax. Research shows that hacks are made on a daily basis across organizations in the United States.
Schools face a problem that is also widespread. Defenses against hackers have not kept up with hacker expertise. There is no sign that will change soon.
School student records will be released soon, the victims of successful hackers. History shows it is inevitable.