IT Security: What K-12 Admins Need To Watch

• By Bridget McCrea
• 10/28/08

##AUTHORSPLIT##<--->

With schools and the Internet becoming increasingly intertwined, district IT systems are more and more likely to fall prey to cybercriminals looking for their next victims. Knowing this, school districts must become more vigilant about protecting faculty, students and machines from hackers who see such systems as the perfect breeding ground for viruses, botnets, malware and other threats.

Also known as information security, cybersecurity comprises the protection of information against unauthorized disclosure, transfer, modification, or destruction (both accidental and intentional). To help schools tackle this task, the Georgia Tech Information Security Center (GTISC), a national leader in information security research and education, recently released its Emerging Cyber Threats Report for 2009, outlining the top five areas of security concern and risk for consumer and enterprise Internet users for the coming year.

In the report, the GTISC forecasted five key cyber security areas where threats were expected to increase and evolve in 2009: malware--specifically under the guise of benign social networking links; botnets--specifically the spread of botnet attacks to wireless and peer-to-peer networks; cyber warfare--including targets on the United States economy and infrastructure; threats to VoIP and Mobile Convergence--specifically voice fraud and cellular botnets; and the evolving cyber crime economy, including the rise of sophisticated malware-for-sale kits and programs.

Here, Mustaque Ahamad, the GTISC's director, outlines some of the key concerns that institutions should be thinking about right now:

THE Journal: What were the most significant findings of this report?

Mustaque Ahamad: Namely that the threats are growing in sophistication, and becoming more and more difficult to detect. It's also getting harder to figure out exactly what they are, be they malware, botnets, or viruses. Additionally, with the increased usage of smart phones and other devices--many of which now store sensitive data--we're seeing threats migrating to those types of platforms. Finally, we have picked up on the fact that many of the criminals are doing this to make money, and as such are creating entire business models that exploit the technology of individuals and institutions.

THE Journal: How vulnerable are K-12 institutions at this point?

Ahamad: Typically they work with more open environments, and they also possess resources that are very attractive to people on the "other side." Criminals who control a lot of machines that do botnets, for example, must look for a high number of machines to attack. Many of those machines can be found in the school environment, which again is usually based on open environments that are stocked with resources. For example, many of these crimes are data-driven right now, with criminals going after the identity information, Social Security numbers, and other pieces of information that schools maintain on their students and faculty.

THE Journal: What threats are at the top of the list for school administrators?

Ahamad: Those in the academic setting should be most concerned with botnets and malware, the latter of which can compromise your machines, while botnets basically "change" those machines into resources that hackers can use to commit crimes. Our research shows that data will continue to be the primary motive behind future cyber crime--whether targeting traditional fixed computing environments or mobile applications.

THE Journal: How can districts deal with these threats?

Ahamad: For starters, schools districts need to make sure their machines are clean and not being used in this fashion. They also need to use education, awareness and policies that apply across the entire institution. It's about educating the individuals who own and use the IT sources, and showing them how they should be managed in the most secure fashion. Here at GTISC, we also strongly believe that a proactive approach to understanding emerging threats will help us develop more effective information security technologies and strategies.

THE Journal: What's around the next corner?

Ahamad: We are constantly surprised by the creativity of the people who represent the various cyber threats that are out there. There is more to come, and the trend is really elevating security as a major responsibility and role for institutions, which must not only handle current threats, but also be proactive about warding off potential threats by having in place well defined security policies.

A complete copy of GTISC's emerging threats report can be downloaded in PDF format here.