601-401-2404

InfraGard has released a public advisory from the FBI related to threats against students and parents as distance learning is more prevalent and commonplace. The advisory contains much more information and includes some of our standard advice:
-Keep your computer up to date with the latest security patches.
-Always be vigilant about clicking links (inspect the URL closely), especially when a password, account info, or private information is being requested.
-Share as little information as is absolutely needed.
-Use unique passwords for different systems; consider a password management tool if your list of passwords is too long to remember.
-Use multifactor authentication as much as possible.
If you run into any issues or have any intelligence to report, please contact ic3.org or contact your local FBI field office. If you need help getting in contact, please reach out to us, and we can help get you to the proper authorities.
Full Advisory from ic3.org:

The FBI is raising awareness for parents and caregivers of school-age children about potential disruptions to schools and compromises of private information, as cyber actors exploit remote learning vulnerabilities.

Video Conference Disruptions

When used for real-time instruction, unsecured video conferences are vulnerable to disruption by unauthorized users (e.g., students not enrolled in the class, parents/guardians, or strangers). According to complaints received by the FBI, interruptions include verbal harassment of participants and teachers, use of offensive language, and displaying images containing pornography and violence.

Social Engineering and Phishing

Cyber actors rely on social engineering tactics, such as phishing, to deceive victims into revealing personal information or performing a task. Cyber actors can take advantage of the increased reliance on electronic communications between students, parents, and teachers to craft fraudulent emails. For example, a cyber actor can use the compromised email of a school official to request private information, send a victim to a malicious website, or convince a victim to download a malicious attachment. This could lead to the compromise of home computers or identity theft.

Cyber actors also register web domains that are similar to legitimate websites to capture individuals who mistype URLs, such as ending a school’s name with .com rather than .edu. Subtle changes in website URLs could easily go unnoticed by a user, such as adding or changing a single character. For example, a user wanting to access www.cottoncandyschool.edu could mistakenly click on www.cottencandyschool.edu (changed one “o” to “e”) or www.cottoncandyschoo1.edu (changed letter “l” to a number “1”).a Victims who believe they have clicked on a legitimate link are in reality visiting a site controlled by a cyber actor.

Recommendations

The FBI recommends parents and caregivers implement cybersecurity best practices to minimize the effect of cyber attacks. At minimum, parents and caregivers of students engaged in distance learning should confirm local/home computer networks are secure by implementing basic cybersecurity measures at home and monitor device use to minimize risks to online safety.

Cybersecurity Best Practices at Home

  • Ensure personally owned devices run the latest version of the operating system
    • Upgrade devices running Windows 7 to Windows 10
  • Ensure firewalls are properly configured and secure on routers and computers
  • Replace default router passwords with strong, unique administrative passwords or passphrases
  • Enable multi-factor authentication for all applications when this option is available
  • Install software and application updates as soon as they are released
  • Update and/or confirm wireless routers and other hardware are operating the most recent firmware
  • Ensure personally owned computers use up-to-date antivirus, antispyware, etc.
  • Teach children to recognize and report suspicious email messages and html links to an adult

Distance Learning Best Practices:

  • Identify a point of contact at your school for questions relating to the security of school-issued devices
  • Identify a point of contact at your school to report cyber incidents involving distance learning
  • Understand how software and firmware updates are implemented on school-issued devices (e.g., automatic updates versus updates requiring user action)
  • Change default passwords for school applications when permissible by the school
  • Monitor children’s online activities for unusual contacts or accessing suspicious web sites that are not affiliated with distance learning content
  • Consider covering device cameras when not in use for class sessions
  • Confirm online conferencing platforms used by students are requiring passwords or other authentication methods (such as validation from hosts)
    • Emphasize to students not to share meeting passwords or html link

General Child Data Exposure Best Practices:

  • Monitor privacy settings and information available on social media sites
  • Conduct regular Internet searches of children’s information to help identify potential exposure and spread of their information online
  • Consider credit or identity theft monitoring to check for fraudulent use of child identities
  • If possible, provide minimal amounts of information on children when creating online accounts and user profiles (e.g., use initials instead of full names, avoid using exact dates of birth, do not include photos

Additional Resources

182 Responses

  1. Pingback: cephalexin canine
  2. Pingback: flagyl wirkung
  3. Pingback: porn
  4. Pingback: porno izle
  5. Pingback: child porn
  6. Pingback: porn
  7. Pingback: bactrim reviews
  8. Pingback: porno izle
  9. Pingback: diclofenac wiki
  10. Pingback: stopping celexa
  11. Pingback: obat acarbose
  12. Pingback: actos vendimia
  13. Pingback: porn
  14. Pingback: synthroid sleepy
  15. Pingback: tamsulosin gtube
  16. Pingback: grandpashabet
  17. Pingback: child porn
  18. Pingback: child porn
  19. Pingback: child porn
  20. Pingback: ad rx pharmacy
  21. Pingback: goodrx sildenafil
  22. Pingback: sex historie
  23. Pingback: ivermectin 250ml
  24. Pingback: stromectol generic
  25. Pingback: ivermectin 90 mg
  26. Pingback: animal porn
  27. Pingback: anan脹n am脹
  28. Pingback: child porn
  29. Pingback: child porn
  30. Pingback: trimox ingredients
  31. Pingback: trazodone dosages
  32. Pingback: porn
  33. Pingback: Cocuk pornosu
  34. Pingback: child porn
  35. Pingback: child porn
  36. Pingback: porn
  37. Pingback: child porn
  38. Pingback: child porn
  39. Pingback: sex
  40. Pingback: porn
  41. Pingback: sex historie
  42. Pingback: hardcore porn
  43. Pingback: anal porno
  44. Pingback: child porn
  45. Pingback: sex
  46. Pingback: spam
  47. Pingback: porn
  48. Pingback: porn
  49. Pingback: child porn
  50. Pingback: child porn
  51. Pingback: iporn
  52. Pingback: porn
  53. Pingback: child porn
  54. Pingback: porn
  55. Pingback: porn
  56. Pingback: meritking
  57. Pingback: meritking
  58. Pingback: meritking
  59. Pingback: meritking
  60. Pingback: meritking
  61. Pingback: meritking
  62. Pingback: meritking
  63. Pingback: meritking
  64. Pingback: meritking
  65. Pingback: spam
  66. Pingback: child porn
  67. Pingback: porn
  68. Pingback: Konya SEO Uzman脹
  69. Pingback: porn
  70. Pingback: spam
  71. Pingback: web sitesi kurma
  72. Pingback: child porn
  73. Pingback: child porn
  74. Pingback: child porn
  75. Pingback: child porn
  76. Pingback: porn
  77. Pingback: ankara psikolog
  78. Pingback: child porn
  79. Pingback: porn
  80. Pingback: porn
  81. Pingback: silivri avukat
  82. Pingback: porn
  83. Pingback: porn
  84. Pingback: child porn
  85. Pingback: mail order levitra
  86. Pingback: sildenafil 60mg

Leave a Reply