“e-Rescuing” the Most Vulnerable with FOSS: Protecting Students and Schools from Data Theft in an Increasingly Dangerous Cyber Environment

an essay by Jeffrey Peterson

 

The Disturbing Trend: A Wave of Attacks on Education

Over the past year, a scary truth has come to light in the world of cybersecurity. There has been a constant wave of cyber attacks that are purposely targeting schools and their most vulnerable members: students.

Hackers have stepped up their attacks on schools, taking advantage of weaknesses in digital defenses to cause chaos among our important places of learning [1] (Greig, 2024). This growing number of cyber attacks shows just how vulnerable our connected world is, especially when it comes to education.

 

Escalating Threats and Devastating Consequences

A report from NPR says that the number of publicly reported cyber attacks targeting schools and colleges almost tripled between 2020 and 2022, and 2023 looks like it will be even worse [2] (Cardoza, 2024). Doug Levin, the national director of the K12 Security Information Exchange, warns, “The threat actors know that schools are relatively low-hanging fruit” [3] (NPR, 2024).

Many school districts have been victims of these attacks, including Butte School District in Montana, Edmonds School District in Washington, Fullerton Joint Union High School District and Glendale Unified School District in California [1] (Greig, 2024). The Groveport Madison Schools in Ohio had to use “old school” teaching methods for several days after a ransomware attack by the BlackSuit gang, which claimed to have stolen staff data [Id.].

The effects of these cyber attacks on schools are wide-reaching and deeply troubling. In addition to disrupting learning and stealing sensitive data, these incidents can cause lasting emotional harm to students, making them feel unsafe and lose trust in the very schools that are supposed to help them grow [2] (Cardoza, 2024).

On top of that, the financial cost of such attacks can be overwhelming, taking away valuable resources from educational programs and initiatives.

 

Windows Vulnerabilities: The Achilles’ Heel of School Cybersecurity

The root of this problem is the widespread use of computers running Microsoft Windows in schools. With a huge 73% global market share, Windows has become an irresistible target for cybercriminals creating viruses and malware [4] (Drapkin, 2022).

The long-term popularity of Windows has given bad actors plenty of time to study and exploit its weaknesses, making it easier for them to attack schools.

A disturbing report by Atlas VPN shows that over 100 million new pieces of malware were made specifically for Windows devices in 2021 alone [Id.]. This shocking number means there were a staggering 328,000 new threats every single day, or a scary 227 per minute [Id.].

The main reason for this weakness can be traced back to the very structure of Windows. Unlike operating systems like Linux and macOS, which were designed with security as a top priority, Windows was never built with strong security measures in mind [5] (Bhardwaj, 2024).

Its long-standing use of administrator accounts and lack of proper multi-user support made it easier for malware to run and change important system settings [Id.].

 

Linux: A Beacon of Hope in the Fight Against Cyber Threats

On the other hand, the Linux operating system has built-in security benefits that could greatly improve defenses in schools. Its design focuses on strong user permissions, controlled software installation processes, open-source code that can be checked by anyone, and quick patching of vulnerabilities [6] (Wallen, 2023).

As a ZDNET article points out, “Linux might be your best bet for heightening your desktop computer security,” with an almost unbeatable track record against viruses, malware, and other threats [Id.].

 

Embracing Open Source: A Pathway to Enhanced Security and Improved Student Outcomes

As the cyber threat continues to hang over schools, a strong solution emerges – the adoption of free and open-source software (FOSS) like Linux. By switching to Linux in schools, institutions can strengthen their digital defenses while also promoting a culture of cybersecurity awareness [Id.].

The inherent design of Linux, with its emphasis on permission control and sandboxing, greatly reduces the potential damage of malware [Id.]. Moreover, the open-source nature of the software allows for transparent checking and collaborative efforts in quickly finding and fixing vulnerabilities.

In addition to security, using Linux can improve student outcomes and prepare them for the future, as shown by Britain’s Westcliff High School for Girls Academy (WHSG). By teaching programming tools like Scratch alongside Linux, WHSG better prepared students for future technology careers – a highly relevant goal for American schools today [7] (OSOR, 2013).

By moving away from teaching proprietary software skills, WHSG aligned with the government’s vision for computer education, emphasizing coding, logic, and technical understanding.

 

A Call to Action: Safeguarding the Future of Education

In the digital age, protecting our schools and the safety of our students must be a top priority, requiring a united and unwavering commitment to strengthening our cybersecurity defenses. The growing cyber threats highlighted by the NPR report serve as a wake-up call for action, urging schools to rethink their technology choices and prioritize security over convenience [3] (NPR, 2024).

Many teachers, staff, and students may lack advanced cybersecurity knowledge, unintentionally leaving doors open for malware to sneak into school systems. By adopting secure computing solutions like Linux and fostering an environment of cyber awareness, we can work towards a future where the pursuit of knowledge and education can take place without the constant threat of cyber attacks targeting the most vulnerable members of our society [6] (Wallen, 2023).

 

Switching to FOSS and Linux can make a positive difference

Only through a proactive and collaborative approach, involving educational stakeholders, cybersecurity experts, and policymakers, can we hope to reduce the risks posed by these ever-present threats and protect the sanctity of our educational systems in the face of a growing cyber onslaught.

Switching to Linux presents a strong, community-driven alternative that could bolster defenses and enable schools to better prepare the next generation for future technology careers [7] (OSOR, 2013).

The time for action is now. We must come together to protect our students, our schools, and our future by embracing the security and educational benefits of Linux and open-source software. By doing so, we can create a more secure and enlightened educational landscape, where the pursuit of knowledge is not hindered by the constant threat of cyber attacks.

It is our shared responsibility to ensure that the most vulnerable among us – our children and students – can learn and grow in an environment that prioritizes their safety and well-being above all else.

 

Conclusion

As clearly demonstrated, the alarming rise in cyber attacks targeting schools and students highlights the urgent need for a major shift in educational technology. The inherent weaknesses of the Windows operating system, combined with the growing sophistication of cybercriminals, have created a perfect storm that threatens the very foundation of our schools.

By embracing the security advantages and educational benefits of Linux and open-source software, we can strengthen our defenses, improve student outcomes, and pave the way for a brighter, more secure future.
Let us unite in this critical endeavor, for the sake of our students, our schools, and future generations.

JP

References:

[1] Greig, J. (2024) ‘Data theft plaguing K-12 schools after holiday season attacks’, The Record, 26 January. Available at: https://therecord.media/data-theft-plaguing-schools-after-attacks

(Accessed: 14 March 2024).

 

[2] Cardoza, K. (2024) One reason school cyberattacks are on the rise? Schools are easy targets for hackers. National Public Radio, 11 March. Available at: https://www.npr.org/2024/03/11/1236995412/cybersecurity-hackers-schools-ransomware

(Accessed: 14 March 2024).

 

[3] NPR. (2024) Students, schools brace for more cyberattacks aimed at stealing identities, credit. National Public Radio, 12 March. Available at: https://www.npr.org/2024/03/12/1237497833/students-schools-cybersecurity-hackers-credit

(Accessed: 14 March 2024).

 

[4] Drapkin, A. (2022) Over 100 million pieces of malware were made for Windows users in 2021. Tech.co, 26 November. Available at: https://tech.co/news/windows-users-malware

(Accessed: 14 March 2024).

 

[5] Bhardwaj, P. (2024) Why Does Windows Attract More Viruses Than Mac or Linux? Medium. Available at: https://medium.com/@pranav-bhardwaj/why-windows-attract-more-viruses-edc251a57561

(Accessed: 14 March 2024).

 

[6] Wallen, J. (2023) Linux might be your best bet for heightening your desktop computer security. ZDNet, 12 October. Available at: https://www.zdnet.com/article/linux-might-be-your-best-bet-for-heightening-your-desktop-computer-security/

(Accessed: 14 March 2024).

 

[7] Open Source Observatory (OSOR). (2013) British school switches students’ computers to Linux, reducing costs and improving computing knowledge. 20 September. Available at: https://joinup.ec.europa.eu/collection/open-source-observatory-osor/document/british-school-switches-students-computers-linux-reducing-costs-and-improving-computing-knowledge

(Accessed: 14 March 2024).