Everything Rolls Down Hill.... Including Cybersecurity Attacks
Any cyber security professional will tell you; you don’t have to be the BEST; you just have to be BETTER than the person behind you! Hackers…. especially the non-state sponsored type, attack the weakest link. Attacking network infrastructure through brute force, DoS/DDoS, Man in the Middle, SQL injection etc. are still treats but most Fortune 500 companies have protections against such attacks and can recover quicker. So, thinking as a criminal, what’s easier to attack? The nationally recognized bank or the local school district? In reality if all I want to do is collect names, addresses, Social Security Account Numbers (SSAN) to commit some sort of identity or medical fraud, there is really no difference between an adult and a child as long as the information matches and can be used to commit the underlying crime.
I am here to tell you there are only a few places that have my children’s SSANs and one of them is the school district. I am also aware of the fact that many school districts do not have the training or resources to protect the data that they are entrusted with, which is probably why I have credit monitoring on my kids as well.
The challenge, as with parenting, it takes a village! School districts need to partner with security and privacy professionals and vendors to pass along the knowledge to create more educated youth. It is fair to note that approximately 67% of millennials have never taken a high school cybersecurity class. The opportunities are there we just have to roll with gravity.