Are servers of educational institutions really safe?
Online learning is the new concept for colleges and schools ever since Covid 19 pandemic took centerstage.
But its security is also important. During the months July, August and September, there have been 1000 phishing attacks on servers hosting educational websites. These are websites of educational institutions. This figure of cyber attacks was found out by Barracuda Networks. In August this year, the Institute of Open and Distance Learning in the University of Mumbai had to cancel exams after its server was attacked by cybercriminals. The same was the experience of Manipal Academy of Higher Education whose exam software contained malware. It infected the systems of students who opened it. The hacking of student’s computers is a serious concern for students. Students who are looking to learn online are quite perturbed with such attacks. This is seriously shocking news for proponents of distance learning.
Now, let’s learn what’s a phishing attack through an email?
In this case, the phishing emails were sent using the .edu domain due to which clearing all the spam filters on a student’s email account was quite easy. So, when a server with .edu domain name is hacked, you can get access to a lot of emails with a domain name ending in .edu. The search by Barracuda Networks also found that almost 3/4ths of phishing emails sent to students were from accounts of those associated with the educational institutions.
Phishing is an attack through an email where the recipient is lured into opening an email. When you open the email, malware is installed on your system, and it pilfers sensitive information from the system.
Indeed, the security parameters in India on the school and college servers are not as good as those on corporate servers. There can be two disadvantages when an educational server used for online learning is hacked:
- It contains sensitive information: Since the student’s attendance and personal identification information in such courses is stored online in servers, such information theft can prove to be dangerous. Nefarious people can use such information to get ransom from parents of students.
- Cheating becomes easy: It can also happen that the information about exam papers is leaked in the cyber world where students can easily access them.
So, the providers of distance learning courses are now concerned with making the systems safe for students. Hence they are asking the elearning solution providers what are the steps taken by them for data security. This includes the servers on which the data is stored, data audit and whether such companies have hired data security professionals to keep the data safe. Most of such companies are using ERP systems for hosting the company data.
Now apart from elearning solution providers, educational institutions providing online learning courses are also taking steps to ensure that the data is safe. For example, the BML Munjal University is trying to implement data security across all users of the distance learning system including teachers, students, and staff in management. The attacks could happen across all these end-users and hence it is necessary to filter their access.
So, it is best to make servers of online learning systems safe to protect confidential student and parent information.