School administrators and IT staff can be super-vigilant, but the hackers are getting better and better at sneaking through security.
the most common cybersecurity threats, and how can school staff avoid them?
Eavesdropping / Man-in-the-Middle (MiTM) Attacks
What they are:It’s likely that you sometimes use a school laptop or mobile device to gain internet access via Wi-Fi networks in public places like coffee shops or airports. If so, be aware that there may be hackers eavesdropping to try and gain entry to any two-party exchange you make so they can filter and steal data.
How to avoid them:Always use a school-verified SIM card, dongle or VPN(virtual private network) to access the internet in public places.
Social Engineering Attacks
According to Verizon’s 2018 Breach Investigations report, 92 percent of malware is delivered via email, often referred to as social engineering attacks. The aim is to interact with the user and influence and manipulate their actions to gain access to systems and install harmful software. Malware uses various guises. Here are some of the most common:
Mr. Fomenko was recently identified by an American cybersecurity company, ThreatConnect, as the manager of an “information nexus” that was used by hackers suspected of working for Russian state security in cyberattacks on democratic processes in several countries, including Germany, Turkey and Ukraine, as well as the United States.
Rather than issuing blanket denials, Mr. Fomenko is apparently eager to discuss his case, lending another, if still cryptic, dimension to the intrigue, restricted before now to digital codes and online fingerprints.
It’s become increasingly common for hackers to sell compromised streaming accounts for services like Netflix, HBO, and Spotify on the dark web — a section of the internet only accessible from a special web browser. These account passwords are often recovered from phishing attempts, a hacking method that involves tricking someone into giving up their account info to what appears to be a legit source.
The prowess of these three crackers also underscores the need for end users to come up with better password hygiene. Many Fortune 500 companies tightly control the types of passwords employees are allowed to use to access e-mail and company networks, and they go a long way to dampen crackers’ success.