Data breaches can happen in any sector, even the least expected ones, such as schools. In this article, we’re going to delve deeper, and understand why schools in South Africa are at an increased risk of data breaches.
Like countries across the world, South Africa is a victim of data breaches. Since the COVID-19 pandemic, there seems to be a rise in cyberattacks, and without the likelihood of the pandemic ending soon, there is the possibility of more attacks occurring, including cyberattacks on schools.
Breaches of student data at schools isn’t a new thing. With the UK and USA recently being affected, there is the likelihood that South Africa is next on the list, particularly with the discovery of the Omicron variant.
The question is, why are schools in South Africa at an increased risk of data breaches? Let’s take a closer look at the reasons why, and discuss how these schools can attempt to protect their teachers’ and students’ sensitive information.
How Do Data Breaches Happen in Schools?
Phishing Emails
Phishing emails are where cyber hackers pretend to be legitimate persons or organisations to scam the receiver. For example, in a school, a teacher or student may receive an email from a person, click on a link or attachment, which can then install certain malware, such as a virus, spyware, or ransomware on that device.
Internal Errors
A common reason for a data breach to happen is because of an error made by someone either working or studying in the school. For example, it could be that a teacher accidentally exposed sensitive data. This could be done by emailing information to the wrong person by mistake.
Why Are South African Schools at Risk of Data Breaches?
They Hold Young Peoples’ Sensitive Information
When children are enrolled into schools, parents are required to provide plenty of details surrounding their children. These details might include names, dates of birth, and academic information, and can be considered really important for their future.
Unfortunately, the sensitive information relating to those young people is often targeted for future identity theft purposes once they are of age.
An American school has expressed their concerns over hackers stealing children’s data. Deborah Ketring, a chief information officer at a school in Missouri, stated, “One reason a hacker might target a school is to access personal identifying information of young children, laying the groundwork for identity theft years down the line. It could be a decade or longer before parents of a kindergarten student ever look at their child’s credit report and realize there’s a problem.”
Educational Email Addresses May be Targeted
Educational email addresses can be targeted for many reasons. Most usually, hackers want access to an email address ending with a legitimate education address because of the future benefits it could provide them, such as further attacks on other individuals in the future. A teacher is more likely to click on a link or download an attachment if it is sent from a legitimate email address.
Limited Security Protections
Unlike large companies, which have highly protected security, schools do not have the same sort of protection.
Most companies will hire specific people whose roles are dedicated and trained to protect the company from being victim to cyberattacks. For schools, this isn’t necessarily the case; they may not have a designated person, or someone who is trained for the role, meaning the right cybersecurity isn’t necessarily being used.
Online Classrooms Have Grown
When COVID-19 spread quickly around the globe, it was a scary time, with many unsure what would happen. Countries went into lockdown, work from home became the norm, schools closed, and online learning was approached. But, this wasn’t anything any country had prepared for in many aspects, including cybersecurity, meaning that the possibility data was or still is exposed is high.
How Can Schools Prevent Data Breaches?
Limit Access to Valuable Data
The biggest mistake that many schools and companies have made in the past is the number of people who have access to sensitive information. Not everyone needs access to everything, meaning there shouldn’t be files on computers or people who have access to information that is of no concern to them or their role.
Make sure that you have a selected number of people who are in charge of those details, these usually being only the people who actually need access.
Implement Regular Training
One way to prevent attacks from happening is to ensure that both teachers and children are aware of what cyberattacks are, why they can be dangerous, and how they can help to prevent them. For example, staff need to be aware of the protocols that are needed to be put in place. Also, the students need to be trained on what could be a cyberattack and how they might be directly targeted, for example, through a phishing email.
It might be that the school hires a person to specifically deal with IT software, and this will include cybersecurity.
Cybersecurity Technologies
Having secure and up to date cybersecurity technology can significantly help improve the number of attacks that schools could be faced with. This could be such things as anti-virus and antispyware software, or a VPN. These cybersecurity technologies will block access and secure remote access.
If you need any further information in relation to cybersecurity, Simplicable has created a blog post that provides 18 examples of cybersecurity, which might benefit a school in preventing future cyberattacks.
South Africa Schools Need to Protect Themselves
What we can confirm from this article is that the risk of cyberattacks occurring on South African schools is high, and precautions need to be put into place. Although it might seem like an attack isn’t on the horizon just yet, there is an increased risk, especially since many schools in the UK and USA have been victims.
Make sure that your school isn’t the next victim of a damaging cyberattack.
Please be advised that this article is for general informational purposes only, and should not be used as a substitute for advice from a trained cyber security professional. Be sure to consult a cyber security professional or the ICO if you’re seeking advice about protecting your data. We are not liable for risks or issues associated with using or acting upon the information on this site.
We give you the best daily information on news, technology, lifestyle, career, health tips, agriculture, business and entertainment. If you can write very well and want to make a living writing online, click HERE!