Most common NETWORK ATTACKS Seen in k-12 Schools!
Most common NETWORK ATTACKS Seen in k-12 Schools!
Embedded Files
Password-based attacks
Password-based attacks
A password-based network attack involves a perpetrator using unlawful or unjust methods to gain access to password-protected accounts. Network password attacks can be achieved in many ways
Through the use of malware
Multiple attempts to guess password combinations until finding the correct one
Spyware and ransomware (types of malware) to gain access to passwords
Traffic interception
Man-in-the-middle attacks
Overall, password-based network attacks can either be used via non-electronic methods or through undetected online methods. In schools, it is important to teach students how to keep their passwords safe and secure to avoid theft. However, it is also important how to educate the use of the right applications and software to detect and protect from password thieves.
Malware
Malware
Malware, in most simple terms, stands for "malicious software." This kind of software can be dangerous, especially to a school district, because it infects networks and organizations.
Steal money
Sell student data
Damage one's reputation
"The present study will focus on malware infections, one type of cybercrime, which are viruses consisting of malicious software used to disrupt services or extract data. In 2019, over 2,000 victims reported malware infections, which amounted to over $2 million in losses. While some malware infections are easily recognizable, many can go undetected and thus unreported" (Gero et al, 2021, p. 26).
Malware network attacks have been more common in recent years due to the COVID 19 pandemic. Therefore, as we become more virtual, it is the digital responsibility of educators to be on the lookout for malicious malware that could pose a threat.
STOP & REFLECT -- WHY ARE SCHOOLS TARGETS OF NETWORK ATTACKS?
"In addition to their direct disruptive implications in the form of breaching students’ and staff’s privacy, interrupting learning processes, causing financial losses and intellectual property rights theft, cyber incidents against education can also ultimately lead to reputational damages" (Fouad, 2021).
Schools and educational systems are often targets of hackers and network attacks because of the institutions' academic, financial, and personal data. It can be alarming, considering that payroll information, student history, and academic data could all be easily targeted through network corruption. There are many opportunities to theft credentials from both students and staff members with schools.
Think... IT TAKES A LOT OF PROGRAMS & COMPANIES TO RUN A SCHOOL!
Think... IT TAKES A LOT OF PROGRAMS & COMPANIES TO RUN A SCHOOL!
Therefore, we need to be on the lookout for emails that seek to redirect or connect us to compromised networks. Hackers will also do research and investigate what third parties are associated with schools to gain better access to information.
Therefore, educators must take on the digital responsibility of educating themselves on how to properly counter and limit ways that hackers can compromise vital information.
phishing attacks
phishing attacks
One of the most common network attacks to be aware of, especially in schools, are phishing attacks from unknown parties. Phishing is a hacking technique that involves an attacker posing as a reputed person or organization using some kind of communication method.
The chances are that if you have ever received a link from a questionable source or thought, "why is this person sending me this link?" -- then you have almost been a part of a phishing scheme.
"From 2016 through 2020, the median amount of money stolen from school districts via phishing campaigns is $2 million"(Sander, 2021).
Phishing hackers often target schools because of how easily people can fall into the trap of clicking a link or engaging with someone that they may trust. As the user, we might not think twice about clicking an email from a respected colleague or an organization we commonly work with. However, phishing hackers pry on this trust and use it against a person.
Dos attacks
Dos attacks
DoS attacks mostly result in one thing -- SABOTAGE!
This type of network attack mostly comes from the means to "shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic or sending it information that triggers a crash. In both instances, the DoS attack deprives legitimate users (i.e. employees, members, or account holders) of the service or resource they expected" (What is a denial of service attack (DoS)?, n.d.).
So if there is no theft, then why is this dangerous? Doing someone harm does not come from just stealing assets and money; it can also come from destroying one's reputation. Therefore, it is essential to note that DoS attacks can reputably damage systems if their services are being constantly crashed or are inaccessible
(Lukeheart, 2021)
formjacking & Man-in-the-middle Attacks
formjacking & Man-in-the-middle Attacks
Formjacking is a type of man-in-the-middle attack when a personal connection is tapped by a hacker in order to gain personal information and data. These types of attacks happen when you think you are sending your info to one person, but you are actually sending it to someone else as well.
Scenario: In a formjacking scenario, a user may be purchasing tickets off a third-party website for a concert, but when they submit their payment information, they are really sending their information to an attacker who has intercepted the network connection.
"During a conventional MITM attack, the attacker creates a separate connection with the clients and relays transmission packets, making them believe that they are connecting to the Internet directly, while actually, the whole communication process is being manipulated by the attacker" (Wang, & Wyglinski, 2016, p. 408)
A man-in-the-middle attack is an invasion of a network for the purpose of spying or posing on two communicating parties.
A man-in-the-middle attack can be dangerous because the attacker interrupts a network connection between two people, making them believe they are in communication with each other when they are not. In schools & education, the sharing of sensitive information or personal data can be compromised, which can lead to extortion and the theft of private materials and/or data.
Page updated
Report abuse