Monthly Archives

October 2020

Schools and Cybersecurity

By Uncategorized No Comments

Between interrupted zoom calls, to phony emails, this year is gearing up for a higher than ever rate of cyber attacks on school districts.

Cybersecurity has been rapidly increasing and in fact, effective September 2019, Governor Greg Abbott signed a bill that would require Texas school district to have a cybersecurity policy. These attempts have unfortunately fallen short as we began the 2020 year. Texas school districts in particular have fallen victim to ransomware attacks more than any other state according to the K-12 Cybersecurity Resources Center.  Texas has had at least 126 incidents in ransomware attacks since 2016. In only this year, we have seen multiple attacks on just the Houston Texas area alone. Country wide, there were 348 publicly disclosed cyberattacks on school districts in 2019, three times that in 2018 (K-12 Cybersecurity Resources Center).

6 Things You Can Do As A Parent or Teacher  

1. Unattended Devices
We know that we write about this a lot but we can emphasize enough how important it is to avoid leaving your devices unattended. This goes for phone, tablet, and laptop. 

2. School Wifi
Just because you are using the school’s WiFi does not mean that you are being safe. Hackers can access WiFi’s so it is most important to be using a VPN when accessing your things at school or remote. A simple google search for aVPN will offer great options currently on the market. 

3. Avoid Phishing Emails
Even though hackers will try and lure the individuals in finance positions within a district, they will also target what they consider “weak links” in the teaching staff that might not have had that much training on ransomware. Make sure you are check who the sender is, any possible grammatical errors, or any personal information requests. You will not be asked by your district to give out your SSN via email for example, so if you are receiving requests of that sort, know that it is phishing. If you aren’t sure and think you might have received a phishing email, forward it to your IT department. 

5. Vishing 

Is a term used to describe voice solicitation, a method using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft. This can be common for a school district where a person claims to be the parent of an individual who attends the school. Never give out personal information over the phone. It is better to tell the individual that you will look into it and call them back instead of accidentally divulging information to the wrong person. To learn more about this specific type of social engineering attack, read out Vishing blog entry here


5. Compromised Websites  
Compromised websites are very popular because distracted and busy adults hardly take the time. Especially not to observe a domain website once they have clicked a link from an email that they believe is a trusted source. What hackers will do is send you a very convincing email to an account that you have saying you need a new password and to click a link. The link will the re-direct you to a fake website that looks eerily similar to the correct one. An easy way to avoid is to google the official site and do what you need to do from there. This type of Social Engineering is called Pharming. To learn more about this specific type, check out our blog post on Pharming

Remote Work and Security

By Uncategorized No Comments

How to make sure that your remote work is as safe from hackers as possible. 

As our country has shifted to remote work following the outbreak of Coronavirus, this new way of productivity is also having its own risks. In March of this year, the National Cybersecurity and Infrastructure Security Agency issued an alert about the risks of remote working. It is now more important than ever to secure your work and identity.

7 Tips To Keep In Mind During Remote Work 

1. Phishing 
Phishing emails are now more than ever trying to target employees. Be careful that you with what you believe is a work related attachment. Sometimes it is easier to click on bait with company email because you expect all of them to be work related, but beware, hackers know this.

2. Strong passwords
It can’t be emphasized enough the importance of complicated passwords as well as never repeated a password across different accounts. NEVER make the password to your email address the same as one that is linked to your credit card information with another account.

3. Mobile threat
With remote work, many people are using their mobile devices to do work as well. Stay alert with receiving any text message with links or attachments from someone you do not know.

4. Secure emails
Be sure you are sending an encrypted email when it contains personal information.

5. Secure network
Only connect to wifi networks that you know are secure. If you are using free wifi, your data can be easily accessed by a hacker.

6. Video Meetings
Only use paid accounts such as through zoom or webex to avoid anybody else gaining access. Use a unique ID and passwords for calls as well as create a waiting room so that individuals cannot join unexpectedly. 

7. Unnatteded Devices
Do not leave your computer in the car. It might seem like an easy thing to do while you run an errand, but be warned that there are a lot of people that watch in parking lots hoping to gain access to a device. Leaving your computer unlocked and unattended is not safe practice. Make sure that you are taking your computer wherever you need to be.