As more and more schools adopt computer-based digital learning, the risk of cyberattacks on schools grows.
Recently a school in Avon, Connecticut, was targeted by hackers.
AVON, Conn. — Over six weeks, the vandals kept coming, knocking the school system’s network offline several times a day.
There was no breach of sensitive data files, but the attacks in which somebody deliberately overwhelmed the Avon Public Schools system in Connecticut still proved costly. Classroom lesson plans built around access to the internet had come to a halt.
“The first time I called the FBI, their first question was, ‘Well, what did it cost you?’” said Robert Vojtek, the district’s technology director. “It’s like, ‘Well, we were down for three-quarters of a day, we have 4,000 students, we have almost 500 adults, and teaching and learning stopped for an entire day.’ So how do you put a price tag on that?”
The kind of attacks more commonly reserved for banks and other institutions holding sensitive data are increasingly targeting school systems around the country. The widespread adoption of education technology, which generates data that officials say can make schools more of a target for hackers, also worsens an attack’s effects when instructional tools are rendered useless by internet outages.
Schools are attractive targets because they hold sensitive data and provide critical public services, according to the FBI, which said in a written statement that perpetrators include criminals motivated by profit, juvenile pranksters and possibly foreign governments. Attacks against schools have become common, the FBI said, but it is impossible to know how frequently they occur because many go unreported to law enforcement when data is not compromised.
Attacks often have forced districts to pull the plug on smart boards, student laptops and other internet-powered tools.
Schools in the Florida Keys took themselves offline for several days last September after a district employee discovered a malware attack. Monroe County schools Superintendent Mark Porter said teachers had to do things differently but adapted quickly…
The 2,000-student Coventry Local School District in Ohio had to close schools in May as staff worked to fight a virus of that had infected the network. The FBI helped to guide the district through the recovery and offered assistance on best practices…
In North Dakota, where a third of schools statewide were hit with a malware attack last year, it was traced to North Korea, although it’s unclear if that country was the origin of the attack or just the location of a device that was used as a stepping stone, according to Sean Wiese, the state’s chief information security officer.
Diane Ravitch's blog 
I guess I should feel bad for this school district, but I don’t. “Teaching and learning stopped for an entire day?” In what world should that be happening? When the power goes out at my school, or the projector bulb breaks, or the internet is down, or whatever, and I can’t use the tech I have planned, I just break out the whiteboard markers or maps or readings or whatever that are planned for another time and we keep going.
The kids all cheered when the power went out one day. I said, “why should that stop us?” and we went on with the lesson.
If teaching and learning are stopping because tech stops, then this district has FAR bigger problems than being hacked.
yes; give me little else but a chalkboard, chalk and room full of kids and it is interesting what I managed to get done
And my low-tech lessons are FAR more popular and the kids participate far more. Go figure (sarcasm there. This isn’t news to me).
Yes, but… you guys are experienced teachers—a dwindling breed. The “bigger problem” is already onboard, i.e., states w/ proliferation of newbie/ underqualified teachers leaning on canned tech curriculum to get by. The situation described here simply underlines it.
“Attacks often have forced districts to pull the plug on smart boards, student laptops and other internet-powered tools.”
So now teachers have to use their own creative resources and teach. Is there something wrong with that?
Teachers can change lives with just the right mix of chalk and challenges.
——Joyce Meyer
One Book, One Pen, One Child and one teacher can change the world.
—-Malala Yousafzai
Teach the children so it will not be necessary to teach the adults.
———-Abraham Lincoln
Children must be taught how to think, not what to think.
——-Margaret Mead
I am not a teacher, but an awakener.
———Robert Frost
Don’t just teach your children to read, teach them to question what they read. Teach them to question everything!
————George Carlin
Real learning comes about when the competitive spirit has ceased.
————-Jiddu Krishnamurti
I like a teacher who gives you something to take home to think about besides homework.
———-Lily Tomlin
I like this one Carol,
Real learning comes about when the competitive spirit has ceased.
————-Jiddu Krishnamurti
Pretty much ALL schools are technology based, at least with regard to student data.
And people should be most concerned about billionaires like Gates and Zuckerberg who have access to student data from their school “experiments”.
These people represent a much bigger threat than hackers who take down systems for a short period of time.
Tech is being pushed into every nook and cranny of education, in addition to life in most urban centers.
I want to firmly object to the casual use of the phrase “computer based digital learning” and variants. Nothing about these systems guarantees learning Normalizing that idea gives these systems credit for outcomes before the fact, automatically. Tech based system entering our schools are properly called instructional management systems. There is no guarantee that these “digital” systems produce learning.
I am amazed at the naivety among teachers about data mining, and the useless privacy policies in the software they use. Many district-wide or school-wide platforms now offer “plug and play” uploads of class rosters and a teacher of record identification. These attributes of current software are the result of marketing plug and play interfaces by IMS Global (Instructional Management Systems) with multi-national funding from foundations (e.g., Bill and Melinda Gates) and governmental agencies (e.g., National Center for Education Statistics).
Cybersecurity issues are glossed over by the tech industry. They engage in a lot of posturing about “privacy” while offering privacy policies with legalese designed to obscure the fact that there is no privacy, none. And there is little oversight of privacy.
Begin quote
Data about K-12 cyber incidents are sourced from a large variety of outlets, including state and local governments, law enforcement, press reports, other data breach reporting services, social media and online forums, self-reports, and tips offered to the K-12 Cybersecurity Resource Center. While some reports may be ambiguous (and are often incomplete), all are screened for authenticity and relevance before being recorded.
Nonetheless, the database of K-12 cybersecurity incidents is incomplete and only captures a small fraction of incidents experienced by schools, districts, their partners and vendors. To the degree that there are mandatory cybersecurity incident reporting requirements for K-12 school districts, they vary across states. Required disclosures are often not publicly accessible and/or are limited to narrow categories of cyber incidents (such as data breaches over a certain magnitude).
School districts may resist self-reporting if they believe an incident may reflect poorly on their IT management practices. Finally, given a deficit of attention paid to cybersecurity risk management in many school districts, there may also be a considerable gap between when school districts experience an incident and when (or if) they become aware of that fact. End Quote
Much more on this issue with a color coded map of varieties of issues can be found at https://k12cybersecure.com/year-in-review/2018-data/
Many tech companies are better at marketing than they are at tech.
People like Bill Gates got rich on marketing rather than the quality of their products.
The terminology associated with school “reform” was undoubtedly created in the same marketing firms that produce propaganda for the tech companies.
The College Board is now requiring us to upload our rosters into their system. This is how they will be (automatically) registered for the test, so I can’t refuse. No word, and I asked at a College Board night, who will have access to the data. I’m going to give the smallest amount of data possible
If possible, why not create a fake list of students, not the real ones, and submit that.
In other words, make it all up.
Suggestion for your first fake student: Dlanod Bumd-Bumd Pmurt (Backwards for Donald Dumb-dumb Trump) or DDT for short.
If the College Board asks if you spelled DDT’s name wrong, simply reply that he is a synthetic organic compound that was once used as an insecticide, but make sure to add that he is a stable genius and is the greatest test taker in the world.
The second fake student should be Betsy DeVos spelled Ysteb Soved. If the College Board asks you for the country of origin for that surname, lie and say Russia and that Ysteb refuses to return to the country of her origin unless DDT goes with her so they can make beautiful children together that DDT will want to molest later in life.
Some day, the College Board will be recognized as the scam that it is.
Only a person with no ethics would work there.
But we all know their fearless leader has no ethics, since he actually used the school shooting in Florida to get in a plug for AP.
https://deutsch29.wordpress.com/2018/02/22/college-board-ceo-david-coleman-uses-florida-school-shooting-to-promote-ap-courses/
Completely unethical — and so are the people who work for/with him.
My district is all-in on AP, and so I have no choice but to not teach AP. I was told that I would be fired if I didn’t teach the AP class, and that I had no choice but to teach it, even though I don’t want to.
SomeDAM Poet,
My husband and I call Gates, Zuckie, and those like them “Techno-PR****s. They are parasites. They don’t do anything of real value. They just USE what we taxpayers paid to build the Internet. They are parasites of the worst kind.
“As more and more schools adopt computer-based digital learning, the risk of cyberattacks on schools grow”
There is another problem with computer-based learning that is not a risk because it was already happening back when I was still teaching (1975 -2005).
The high school where I worked had a computer lab in the library and a mobile computer lab on carts that were stored in the library. To use the mobile computer lab, teachers had to fill out a request, have it approved and scheduled. On their day. the mobile lab was rolled to their room before the students arrived.
Anyway, my class and one other class was scheduled to use the lab in the library. I never used the mobile lab (laptops not desktops like in the library) because I didn’t have enough space in my classroom for the carts unless I had all the desks removed.
One year while my students were using the computer lab in the library doing research for a project, I was sitting at a table outside the lab area that I was sharing with the other teacher as our students came to us to ask questions and get help.
The librarian was the resident computer expert on campus. She was in the lab area moving around helping students on the computers.
The other teacher and I and the students at our table seeking help were distracted one afternoon when the librarian went ballistic and started shouting inside the computer lab area. A moment later several of our boys came stumbling out of the computer lab with shock and fear in their stunned expressions.
One of my boys came straight to me and swore he wasn’t the one that did it, but he was watching.
I asked, “Did what?”
I found out that another boy in my class had managed to hack past the district’s computer security system that was supposed to block specific sites and they were watching pornography (exactly what you might imagine) when the librarian caught them. The boy that hacked out of the computer lab was the one sitting in front of that one computer station’s monitor. The other boys had left their seats and were standing behind him watching.
That is why the librarian noticed something was going on and checked. The student that hacked his way out of the system couldn’t see that she was onto him because so many other boys had gathered around him to watch over his shoulder.
The hacker was suspended for five school days and his parents had to meet with the principal.
My husband taught at a charter school (long story) about eight years ago. This charter’s “focus” was technology. Three weeks into the school year, he discovered a student what accessing porn on the school computers. It turned out that the student had been accessing it for nearly nine months.
The charter fired my husband for “not observing” the student before he caught the student. Never mind that multiple teachers missed this student’s misuse of the computers for months.
Nothing happened to any other teachers or the student himself.
I think your husband became a scapegoat as the Charter school did what it felt it had to do to protect the school legally and blame someone else, sort of what Donald Trump does all the time.
OK, now we can add cybersecurity insurance – & loads of PD training – to the cost of leaning on digital software in pubsch teaching [which as yet has no $ equivalent, but can be assumed to be along the lines of the very high cost to learning seem in online charters]… To make it apples to apples, add days to the school year to compensate for days of chaos described here lost to teachers/ studs frozen out of digital curriculum, re-grouping to lower-tech resumption of curriculum [reimbursed by ins, but lost to teaching/ learning]. Are we there yet? (tick, tick, tick).
The ineffectiveness, the empty promises, the loss of privacy, the monetizing of children in school, the dangers of “digital learning”! Fie!
Locally, the Syracuse City School District was attacked by ransomware late last week, and has been struggling to reactivate it’s computer system. Payroll, info systems, all of it down and they’ve been told the ransom to unlock the system increases every day the district doesn’t pay.
In my nearby district, every year when the annual state testing goes on we lose our internet/email for several hours district-wide. Our phones are even affected because they are internet dependent. The upshot is that if an emergency occurs in a classroom we have to shout down the hall for help because the phones are down. If you own a personal cell phone you can call out for help (911), but can’t call in to, say, the nurses office because district phones are all down.
Ain’t technology grand? /s
Someone tell the Syracuse City School District to contact R Computer in Concord, California and talk to them to see if they are willing to get rid of the ransomware and recover the district’s files.
That’s who I went to when the desktop that I’m using now was hijacked a few years ago by ransomware and it cost me less to pay R Computer to get rid of the ransomware and recover all my files and software than to pay the Ransom the hackers demanded.
R Compter fixed my system and recovered all of my programs and files and even discovered my old-fashioned spinning hard drive was close to failure so I had them replace it with a solid-state storage device for what I thought was a very reasonable price.
http://www.r-computer.com/