One of the many unique themes of K-12 cybersecurity, compared to other industries, is how closely it is tied to cyber safety. One example of this relationship is that between cybersecurity and cyberbullying. While, on the surface, they are two different things, there are similarities between the two.
On one hand, hackers are known to use cyberbullying tactics to try to obtain money and/or information from their victims. On the other, cyberbullies often take inspiration from hacker playbooks to harass their victims. In fact, minors who are cyberbullied are nine times more likely to be victims of identity fraud than those who are not.
The connections between cybersecurity and cyberbullying are rarely made, but in our world, it’s yet another reason why K-12 cybersecurity is so important. Since October is both Cybersecurity Awareness Month and Cyberbullying Prevention Awareness Month, we decided to explore this commonly overlooked intersection between cybersecurity and cyberbullying.
District IT admins are discovering new and confounding ways that students use school technology seemingly every day. Activities such as using Google Docs as chat rooms, sharing Google Meet links with others outside their classmates, and uploading explicit images to Google Drive are just a few examples of behavior that administrators have to “whack-a-mole” in their domains.
There are also many examples of students taking cues from hacker playbooks to bully others—both on and off school technology. One popular example is to create one or more fake profiles using their victim’s name. They will then use the profile they created to behave badly. This may include sharing inappropriate images, cyberbullying other students, and doing a variety of things that can embarrass or get their victim into trouble.
Cyberbullies are also known to create fake profiles and use that access to befriend their victim online. Once they’ve established a relationship, the bully can coerce the victim into providing content they can use against them such as naked images and/or talking badly about teachers or peers. The bully can also coerce the victim into providing personal information that they can exploit.
While the first two attacks can’t be accomplished on school domains, since new user creation is closely managed, another cybersecurity threat that cyberbullies are becoming more skilled at is hacking into their victim’s account. These attacks can happen to school accounts as well as the victim’s personal social media, email, gaming, or other online accounts. From there, the bully can then use the victim’s profile to behave badly and/or harass the victim’s friends and contacts, gain access to their personal information, and more.
Many students don’t find it suspicious when strangers contact them online. Couple that with the skills predators use to groom, coerce, and bully students and you have some terrifying situations.
An increasingly troubling issue in K-12 school districts is sextortion. In fact, it’s gotten so bad that the FBI is getting involved in sextortion awareness campaigns for students, parents, and caregivers.
Predators are making contact with students, grooming them, and then enticing them to send sexually explicit images. Students who are being bullied, feel excluded, or who don’t have many friends are especially vulnerable to this type of approach. They are often more willing to believe that the predator loves them. These predators aren’t just in it for the images. They may use it to bully and blackmail their victims for payment and/or further sexual acts.
There are also cybercriminals who will hack into a student’s account and find embarrassing or explicit photos or videos, and then use it to blackmail them. The hacker threatens the student and coerces them into giving them money to avoid exposure of the material. Sometimes a hacker will make the student believe that they have embarrassing content even if they don’t, and then cyberbully and blackmail them.
There have been several incidences of ransomware attacks turning into blackmail. Unfortunately, the move to remote learning due to the COVID-19 pandemic has given hackers even more opportunity. For example, districts in California, Connecticut, New Jersey, Ohio, Virginia, North Carolina, and Nevada were all recently hit with ransomware attacks.
Since many students, teachers, and staff are relying on remote access connections, the need for districts to audit their cybersecurity infrastructure is even more important than ever.
In the past, hackers would launch a ransomware attack to extort money from the district. Now, they’re increasingly threatening to release district data if they aren’t paid within a specific timeframe. And, as in the recent incident in Nevada, hackers certainly do release the data if they’re not paid.
There are also several terrifying examples of cybercriminals threatening students physically unless a school district met their demands. One example includes Johnston Community School District in Iowa where a hacking organization threatened to release information that would make it easy for “any child predator” to “easily acquire new targets.”
The criminals also messaged threats to parents of students in the district. The messages got very specific, including the child’s name and school, and threatening to harm them. The district closed down eight schools for one day to do a security sweep, reopening the next day with additional security. It was later determined that the hackers got student information and parent phone numbers from a server kept by a third-party vendor.
The FBI and the K-12 Cybersecurity Resource Center have reported significant upticks in district cybersecurity incidents since the start of the school year. According to the Resource Center, there have been 220 attacks for the 2020 calendar year as of mid-September. Compare that to the 348 in all of 2019, and since the school year has just started, there is a clear problem.
In many cases, students and staff are returning to school networks with devices that have been out of the network and away from IT oversight since last spring. Cybercriminals already viewed K-12 school districts as low-hanging fruit before the pandemic. Now that schools are more reliant on online technology than ever, they’re even more of a target.
At the same time, students are dealing with increased stress, anxiety, and boredom as the COVID-19 pandemic continues to keep them physically isolated. There isn’t a lot of research on how this will impact students’ online experiences, but schools should plan on remaining diligent when it comes to monitoring online behavior and detecting when a student needs additional resources. We could see a rise in cyberbullying as students spend more time online.
District IT teams need to understand that there are relationships between cybersecurity and cyberbullying, and they need to be able to monitor their district’s applications and information systems to detect such issues.
One strategy that is helping districts is the use of the NIST Cybersecurity Framework standard to help fight against the rising occurrence of cybersecurity and cyberbullying threats.