School administrators and IT staff can be super-vigilant, but the hackers are getting better and better at sneaking through security.
the most common cybersecurity threats, and how can school staff avoid them?
Eavesdropping / Man-in-the-Middle (MiTM) Attacks
What they are:It’s likely that you sometimes use a school laptop or mobile device to gain internet access via Wi-Fi networks in public places like coffee shops or airports. If so, be aware that there may be hackers eavesdropping to try and gain entry to any two-party exchange you make so they can filter and steal data.
How to avoid them:Always use a school-verified SIM card, dongle or VPN(virtual private network) to access the internet in public places.
Social Engineering Attacks
According to Verizon’s 2018 Breach Investigations report, 92 percent of malware is delivered via email, often referred to as social engineering attacks. The aim is to interact with the user and influence and manipulate their actions to gain access to systems and install harmful software. Malware uses various guises. Here are some of the most common:
Malware, Phishing, Hacking, Ransomware – oh my! Learn about the threats to you, your users and your library. During this session, we will explore the threats to online security and discuss solutions that can be implemented at any level. Most importantly, we will look at how we can educate our users on current threats and safety
The 188-page “Challenging Government Hacking In Criminal Cases” report, released by the American Civil Liberties Union on March 30, addresses new amendments to Rule 41 of the Federal Rules of Criminal Procedure, which took effect last December.
Under the changes to criminal procedure rules, feds can remotely search computers in multiple jurisdictions with a single warrant. The rules are touted by law enforcement agencies as a way to streamline 100-year-old rules of criminal procedure
PITA, the Portable Instrument for Trace Acquisitionattack, which uses electromagnetic wave detection equipment (available at any computer hardware store) that could “read” the electromagnetic pulses emanating from a standard laptop’s keyboard, including the keystrokes used to de-encrypt secure documents.
The new attack, called DiskFiltration, does something similar using the acoustic signals emitted from the movement of a computer’s hard disk drive (HDD).
One way to beat air-gap attacks, according to the researchers, is to switch to solid-state drives (SSDs), which have no moving parts and therefore emit no noise. However, according to the researchers, “despite the increased rate of adoption of SSDs, HDDs are still the most sold storage devices, mainly due to their low cost.