National cyber co-ordinator Darren Goldie says Aussie schools likely the next hack
An alarming US trend in which hackers target schools, and inadvertently students, could soon arrive in Australia, says national cyber security co-ordinator Air Marshal Darren Goldie.
Australian schools could soon become a major target for cyber criminals who are already targeting students across the globe as a way to gain access to teachers and administrators.
The alarming trend is already playing out in the US where First Lady Jill Biden was working on an initiative to strengthen cyber security across all levels of schooling.
Australia’s first National Cyber Security Co-ordinator, Air Marshall Darren Goldie, identified the trend at a NAB event this week, warning that hackers had identified schools as being at the top end of small-to-medium enterprises, often with high revenues.
“If you consider the profile of a school, they are the same exact size of a successful medium-sized business, with a couple of thousand individuals all carrying personal devices with personal information connected to a school network,” he said.
“They are small enough not to have full-time cyber security teams and generally don’t have the resources for a 24/7 threat response partner. Unfortunately, these are the targets that cyber criminals can attack easily and demand a ransom.”
The hackers targeting schools in the US were not lone actors or small teams but rather global groups.
“The cyber criminals we’re up against are global transnational groups, who aren’t concerned by geographical borders or legal jurisdictions,” Air Marshall Goldie said. “They target households, governments, businesses and the most vulnerable communities, and that’s what I am most concerned with, when I think about Aboriginal and Torres Strait Island communities, the elderly, and in particular, small and medium businesses.”
Threat actors had shifted away from targeting larger corporations who were now ramping up their cyber security practices, and “the growing threat of cyber crime is really pointed towards the top end of SMEs who are more at risk, as they battle competing priorities with fewer resources”, Air Marshall Goldie said.
NAB chief security information officer Sandro Bucchianeri said the bank’s research had found about 40 per cent of SMEs had little to no training in cyber security practices. “SMEs are the backbone of our economy and they employ two in every three Australian workers, so they are a huge driver of economic growth,” he said. “They are why it’s so important we all work together, across the industry, to accelerate and escalate our national cyber preparedness.
“These bad actors can move much, much faster than big organisations can, and that’s the reality of the cyber landscape we’re in. It’s true that they are becoming more sophisticated targeting our most vulnerable communities. The SME sector is particularly vulnerable, as they face increasing costs of living, ongoing labour shortages and rising rates of cyber crime.”
Dr James Curran, the chief executive of school cyber security-focused charity Grok Academy, said that he didn’t believe school students were especially at risk but there were ways in which they might be inadvertently targeted or used as props by criminals.
One example, Dr Curran said, was social media, as many teens were getting their accounts for the first time at the age of 13 and learning to navigate things like friend requests, followers and private messages. “There’s always some social cred that comes from the number of friends or contacts you have on these various social media platforms and so school students aren’t necessarily very choosy about who they accept a friend request from,” he said.
Dr Curran said students didn’t usually represent a good return on hacking investment, however he could imagine “a sequence where you befriend a student so that they supply a file with malware to a teacher”. Schools should also be concerned about the cybersecurity practices of teachers who “might inadvertently share information about students”, he said.
More Coverage
Inside Apple, Amazon and Uber’s war on waste
The tech titans are the biggest buyers of solar and wind energy but that’s not enough to offset the rapid rise of data centres that power the AI boom. Here’s how they plan to stay green.
Is Dyson’s $1000 mop worth it?
The British consumer electronics giant has gone full circle with the release of the WashG1 – but is it enough to convince this tech editor to stop using a mop, bucket and broom?