In the UK and the US, authorities have arrested young suspects associated with multiple hacking campaigns against large corporations. This trend reflects a reality of alarming rates of youth cybercrime. These are just a few examples, but investigations reveal that many of these events begin in our schools.
The Information Commissioner’s Office (ICO) reported an alarming statistic: since 2022, it has investigated 215 hacks and breaches coming from schools. Alarmingly, 57% of these attacks included kids, suggesting that even more disturbingly there may have been intentionality in the targeting of their victims. In one high profile example, the breach affected a seven year-old. This resulted in a referral to the National Crime Agency’s Cyber Choices programme, which helps educate young people on the wider impact of their actions.
The youth cybercrime culture is more and more mixed in with English-speaking teen gang culture. The ICO’s findings paint a grim picture of a growing, alarming trend. Nearly a third of the breaches were students illegally entering staff computer systems by guessing their passwords or stealing teachers’ login information. This trend goes far beyond corrupting the integrity of our educational institutions and risks exposing sensitive data.
The government’s new Cyber Security Breaches Survey has published shocking results. Over the past year, nearly 44% of all surveyed schools experienced a cyberattack or cyber breach. This shocking statistic highlights just how serious the danger public schools are up against as they continue to combat a constantly-changing world of cyber attacks. Staff are often the source of data breaches, as investigations have shown. … and even from third-party IT vendors or other entities with access to school networks.
In a recent illustrative example, three Year 11 students (15–16 years of age) perpetrated a criminal act. They hacked into school databases and leaked sensitive personal information of over 1,400 of their classmates. Each of these examples illustrates how simple it is for students to find and take advantage of gaps in school cybersecurity.
Heather Toomey, Principal Cyber Specialist at the ICO, reflected on the harmful impact of these actions.
“What starts out as a dare, a challenge, a bit of fun in a school setting can ultimately lead to children taking part in damaging attacks on organisations or critical infrastructure.” – Heather Toomey, Principal Cyber Specialist at the ICO.
The ICO echoes the call for more awareness and education about cyber risks for young people. The National Crime Agency’s Cyber Choices programme educates young people on making the right choices online. It further emphasizes the tangible and dangerous repercussions that come with taking part in cybercrime.
Schools are in the middle of an unprecedented wave of cyber attacks. So putting more focus on those preventive measures and education is obviously key. It’s imperative that our educational institutions build robust cybersecurity postures. Simultaneously, students must understand the dire consequences of their digital footprints.
