For most of us, especially the ones who are parents with small children, is difficult to imagine and accept how criminals online end up deciding to target schools. This has been the case more than ever in the last few months.
Since the world has gone remote, schools have been experiencing a major spike in cyberattacks. Teachers are moving towards hybrid or fully remote teaching methods and this is creating new opportunities for criminals, professionals and amateurs alike. This improvised transition is being defined by poor cybersecurity hygiene, vulnerable tools, and sloppy use of the resources at hand.
The consequences of these attacks have been many, from disrupted online classes to essential learning platforms going down. However, one of the most disturbing results has been the public exposure of security CCTV systems.
The Crime in Numbers
The return to school everywhere has been defined by new methods to teach students in the safest way possible. The risk posed by COVID-19 is especially high in classrooms for both teachers and students. So implementing online methods to teach and interact with students is a sound, logical decision to handle the challenge we currently have.
However, with so little time and experience to actually do it, many schools have been trying to implement remote teaching without comprising the right security methods to guarantee stability and privacy. Then we need to take into account the students: users who aren’t likely to behave safely online and may be using unsecured networks.
Check Point Research, a cyber threat intelligence provider, noted the spike in cyberattacks against school facilities in the US. The average number of weekly attacks rose to 608 in July and August 2020 from 368 in April and June.
In Europe, this number was higher at 793 detected cyberattacks. Then, in Asia, the number rose to 1,593 attacks, a 21% increase in comparison with the previous two months.
The Case with Cameras
While most of the successful cyberattacks on schools have been DDoS attacks, phishing, and the occasional ransomware, there have been cases where the hackers have penetrated CCTV systems, publicly exposing the live feed from security cameras online.
This is a major privacy problem, especially considering that the main victims and underage students, including small children in preschool.
It’s worth mentioning a case from 2018 where a series of schools in the UK suffered a series of attacks where the perpetrators gained access to the security cameras operating at the facilities and then proceeded to make the live streams public online.
The website illegally allowing online users to watch the live feed from the affected schools also included hundreds of hacked cameras from public spaces, homes, and private business facilities. What is worse, some of those cameras were installed and operating inside bathrooms at these locations.
This case highlights the risks of unsecured CCTV systems at schools and how the privacy of young students could be violated if the responsible parties don’t choose the security measures wisely. These risks have been magnified by the dramatic changes suffered by institutions trying to transition towards online operations.
As a result, it becomes critical to invest in the right tools to successfully protect IT infrastructure, especially when the victims are as sensitive as young students.