High school and university students must be taught valuable cybersecurity lessons that help protect their student and personal accounts, the university network, and their personal information. Hackers can try to access student accounts as a means of acquiring unauthorized access to a university’s network, which will help them launch further attacks or move laterally through the system if they find vulnerabilities to exploit. More importantly, student personally identifiable information (PII) is still valuable on the dark web, and hackers will steal it just to sell it to other bad actors that will use it for identity theft or other attacks down the line. Here are 3 critical cybersecurity lessons every student needs to know!
Sharing Personal Information
High school and university students can be prone to sharing a lot of personal information online, and this can sometimes give malicious actors just the information they need to start guessing passwords or brute forcing security questions to important accounts. Young students that have not been taught how to create secure passwords may use references to media or hobbies as an easy password to remember, and this can become a bigger problem if they reuse passwords across accounts. Students should be taught not to use passwords that can be easily guessed based on their hobbies or the information they share online. Additionally, PII, such as street names they used to live on, should not be shared online at all.
Device and Application Updating
With the high number of devices that make up the digital lives of high school and university students, they can present malicious actors with a large attack surface open to low-hanging fruit attacks. Phones, laptops, tablets, and other smart devices that high school or university students use should be updated regularly to prevent old vulnerabilities being used to launch attacks against their devices. These students must be taught that attackers specifically search for unpatched devices, so simply keeping them up to date can help prevent a wide variety of attacks on its own.
Common Phishing Strategies
Once students have access to an email address, it is critical that they are taught how to defend against common phishing strategies used by malicious actors. While many attacks are obvious because of unbelievable propositions or poor construction, students can still be targeted by wide-net phishing campaigns that try to mimic trusted websites and vendors. Students should know not to clink on links inside of an email and to be extremely cautious of password reset requests or emails asking for personal information that come without them requesting it. Students must also know how to handle suspicious emails and the tools available to them to report phishing activity to their school or university.
Summary
As soon as high school and university students acquire devices and a digital footprint, they should be taught how to defend their personal data and accounts. Teaching these lessons early will help them in their personal lives and better equip them to protect company data when they enter the workforce, so strong cybersecurity habits should be introduced early and taught often. Every school should implement a flexible and reliable cybersecurity training platform for their students and work with an IT consultant to make it as helpful and reliable as possible. If you think your school needs to upgrade its training platform or implement a new one, then our security experts are ready to provide a complimentary consultation today!