School Climate & Safety

Tech-Savvy Students Hack Into School Computers

By Katie Ash — June 14, 2010 4 min read
  • Save to favorites
  • Print

At Winston Churchill High School in Montgomery County, Md., students were accused of stealing computer passwords and tampering with grades. In Orange County, Calif., a student at Tesoro High School went on trial for hacking into the student database and changing his and several other students’ grades. At Haddonfield Memorial High School in New Jersey, two students were charged with using keystroke-recording software to gain access to passwords that allowed them to break into secure areas of the school’s computer system.

“Students are very, very tech-savvy. Far more savvy than the majority of adults at our school,” says Michael Wilson, the principal of the 775-student Haddonfield Memorial High.

The students at his school were stopped by an observant teacher, who noticed suspicious activity and soon discovered the students were logging in as teachers, says Wilson.

“Teachers and all staff at the school need to be diligent” in keeping tabs on students, he says. Parents, too, can help by monitoring what their children access on the Internet, Wilson says.

“It’s important for teachers and students to have good, open communication,” he says. “And from a principal’s perspective, I really try to have a close working relationship with the tech guys.”

After the incident at Haddonfield, John Miller, the director of technology at the school, says he helped beef up network security by making it more obvious whether the person logged in is a teacher or a student. That way, teachers can tell by glancing at the screen whether a student is logged in as a student or teacher, he says.

In addition, he activated a feature that shows teachers the last time they logged in each time they access certain parts of the network so they can verify whether their accounts have been tampered with.

“There are more features just to make teachers more aware of what’s going on on the network,” Miller says.

Uniquely Vulnerable?

According to a survey of 1,000 New York City teenagers by the Burlington, Mass.-based cyber-security company Tufin Technologies, half the students reported having had their Facebook or e-mail accounts hacked, and 16 percent admitted to trying their own hand at hacking.

Only 15 percent of those surveyed said they had been caught or knew someone who had been caught hacking.

School systems are uniquely vulnerable to hacking, says James E. Culbert, an information-security analyst for the 135,000-student Duval County schools in Jacksonville, Fla.

“In the case of our school system, we’ve got 135,000 [potential] hackers within our district, inside of our same network that houses our student-information systems and HR systems,” he says.

There are key steps, though, that districts can take to help secure information and protect school networks, says Culbert.

In his district, for instance, the student network is separate from the network that teachers and administrators access, he says.

Culbert also makes sure that all new employees are educated about the “acceptable use” policy in the district and what students are and aren’t allowed to do on school computers.

Finally, Culbert travels to a middle or high school in the district roughly once a week and runs reports on the content filter to see which students have tried to access inappropriate material. He then sits down with the top five to 10 worst offenders and talks with them about the consequences of violating the acceptable-use policy.

“That way, when the teachers tell the kids that we are monitoring the activity that goes on, they believe it,” he says.

Preventing Cyber Mischief

One essential tactic in preventing cyber mischief, says Culbert, is making sure that all students and teachers have to log in before they can access the network.

“People tend to behave better when their actions aren’t anonymous,” he says.

Educating teachers, students, and parents about the consequences of tampering with school networks is the first step to protecting school data, says Harold R. Rowe, the associate superintendent for technology and school services at the 100,000-student Cypress-Fairbanks Independent School District in Houston.

Tips

1. Update often. “Acceptable use” policies, which outline what students and faculty are and aren’t allowed to do on school computers, should be reviewed frequently, and all users of the school network should be educated on what the document contains, as well as the consequences for violating it.

2. Stay secure. Be sure that each person who uses a school computer has to log in. In addition, using role-based access can help prevent students from accessing secure parts of the network.

3. Create separate networks. Insulate the student network from the network used by teachers and administrators, making it more difficult for students to hack into data they shouldn’t access. Keep computers up to date. Use antivirus software as well as security patches that are released.

4. Talk, talk, talk. Promote open communication between students, parents, teachers, IT staff, and administrators so everyone knows what to look for to prevent hacking. Using IT solutions to protect school networks is essential, but educating all the people in the school is the first line of defense.

Emphasizing digital citizenship and ensuring strong authentication measures and passwords are the most important ways to prevent threats, says Rowe, who also sits on the advisory board for the Cyber Security for the Digital District Leadership initiative of the Consortium for School Networking, an ed-tech advocacy group based in Washington.

In addition, administrators need to be consistent and upfront about the consequences for violators, says Rowe.

Talia Colwell, a security specialist for the Vernon Hills, Ill.-based technology company CDW-G, says it’s important for schools to treat their acceptable-use policies as living, breathing documents. The policies should be updated to reflect the latest technological developments, and students and faculty members should be familiar with those changes.

“Security threats are increasingly growing across the board, both internal and external threats,” says Colwell. “It is definitely top of mind from a day-to-day perspective.”

Enabling firewalls—which are integrated into most computers and just need to be activated—and making sure all computers have up-to-date virus software and security patches are easy, low-cost solutions that go a long way to protect school networks, she says.

And the content filters that schools have in place to comply with the Children’s Internet Protection Act, or CIPA, can help prevent students from accessing information about hacking.

“At the end of the day, it truly goes back to the basics of end-users,” Colwell says.

Related Tags:

Research Librarians Jessica Cain and Kathryn Dorko contributed to this story.
A version of this article appeared in the June 16, 2010 edition of Digital Directions as Hacker Patrol


Commenting has been disabled on edweek.org effective Sept. 8. Please visit our FAQ section for more details. To get in touch with us visit our contact page, follow us on social media, or submit a Letter to the Editor.


Events

This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Teaching Webinar
What’s Next for Teaching and Learning? Key Trends for the New School Year
The past 18 months changed the face of education forever, leaving teachers, students, and families to adapt to unprecedented challenges in teaching and learning. As we enter the third school year affected by the pandemic—and
Content provided by Instructure
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Curriculum Webinar
How Data and Digital Curriculum Can Drive Personalized Instruction
As we return from an abnormal year, it’s an educator’s top priority to make sure the lessons learned under adversity positively impact students during the new school year. Digital curriculum has emerged from the pandemic
Content provided by Kiddom
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Equity & Diversity Webinar
Leadership for Racial Equity in Schools and Beyond
While the COVID-19 pandemic continues to reveal systemic racial disparities in educational opportunity, there are revelations to which we can and must respond. Through conscientious efforts, using an intentional focus on race, school leaders can
Content provided by Corwin

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

School Climate & Safety What the Research Says A Hallmark of School Shooters: Long History of Social Rejection
New research finds that shooters in K-12 schools are more often "failed joiners" than loners.
5 min read
Butler County Sheriff Deputies stand on the scene at Madison Local Schools, in Madison Township in Butler County, Ohio, after a school shooting on Feb. 29, 2016.
Sheriff deputies were on the scene of a shooting at Madison Local Schools, in Butler County, Ohio, in 2016.
Cara Owsley/The Cincinnati Enquirer via AP
School Climate & Safety 4 Myths About Suspensions That Could Hurt Students Long Term
New longitudinal research shows that longer in- and out-of-school suspensions have severe consequences for students.
5 min read
Image of a student sitting at a desk in a school hallway.
Jupiterimages/Getty
School Climate & Safety Photos The Tense and Joyous Start to the 2021 School Year, in Photos
Students are headed back to school with the threat of the Delta variant looming. How is this playing out across the country? Take a look.
School Climate & Safety Former NRA President Promotes Gun Rights at Fake Graduation Set Up by Parkland Parents
A former NRA president invited to give a commencement address to a school that doesn’t exist was set up to make a point about gun violence.
Lisa J. Huriash, South Florida Sun-Sentinel
2 min read
David Keene, chairman of the American Conservative Union, speaks during the CPAC meeting in Washington on Thursday, Feb. 10, 2010.
David Keene, the former president of the NRA, promoted gun rights in a speech he thought was a rehearsal for a commencement address to graduating students in Las Vegas. The invitation to give the speech was a set up by Parkland parents whose son was killed in the 2018 massacre at Marjory Stoneman Douglas High School.
Bill Clark/CQ Roll Call via AP