You've Been Hacked! Explaining Cybersecurity to Students in an Interconnected Era

cyber2

Computer hackers, also known as cybercriminals, are infiltrating our world with ever-increasing sophistication. In October 2016, hackers disrupted service to Twitter, Netflix and other major websites. And just last month, another group compromised the online data of thousands of people and businesses — including hospitals and other emergency services.

Despite the increasing prevalence of these breaches, we still tend to disregard cybersecurity as something for someone else to worry about. But in just a few years, experts predict the so-called “Internet of Things” (IoT) will comprise 20 to 50 billion gadgets. This web of interconnected devices will reach everywhere — both in and out of school — leaving students’ and teachers’ personal data vulnerable to hackers.

It is critical that students understand both the benefits and risks of these devices — not to mention their smartphones. Educators have an important role to play in helping students understand and safely navigate an internet-connected world.

Explaining the Risks of IoT Devices

Amazon’s Echo uses smart technology to respond to the sound of a user’s voice. Google Home can easily play our favorite tunes. But how? It’s not magic. These devices — as well as internet-connected refrigerators, security cameras, baby monitors, coffee machines and more — add convenience to our lives. But kids must understand and take seriously how hackers can use these devices to access data.  

In the cyberattack last October, hackers took down a large swath of the internet by first gaining access to tens of thousands of personal devices such as video cameras and DVRs. Pieces of these devices were all made by a single company that used simple passwords like “password” or “123456789” for all of its products. Once the hackers could access one device, it was easy to access them all. 

These security vulnerabilities put the public’s privacy at risk. Recently, hackers took control of smartphones through a surprising IoT appliance — a slow cooker. That meant pictures, texts and emails were visible to the hackers and vulnerable to theft. In other instances, cybercriminals stole 2 million message recordings from an IoT teddy bear. Researchers discovered that an IoT Barbie could be turned into a spy device. Even internet-connected medical devices are theoretically at risk.

Here’s an easy way to explain IoT hacks to students:

  • A hacker accesses a device, like a webcam, through its internet connection. Devices with weak security or easy-to-guess passwords make easy targets.
  • The hacker can then infect the device with malware, a type of computer virus that takes control of a device.
  • The hacker now has a number of options. He or she can use the device to spy, infect other devices or attack a target like the servers (centralized computers that store network data) targeted in the October 2016 attack.

If a device is capable of connecting to the internet, it’s vulnerable to cyberattack. It’s important for kids to take extra care when using any IoT device that records voice or video, uses personal information, or relies on location-tracking to work.

Here are some important tips that students operating IoT devices can use to help protect themselves:

  • Research the manufacturer. Are they reputable? Have they previously been hacked? Big, established companies based in developed countries are usually the safest.
  • Read up on security features. Is the device password-protected? Can you set your own password? If so, make it a strong password that uses numbers, letters and symbols — avoid common words or phrases.
  • Regularly check for updates. Good companies will regularly update the software on their devices to protect against vulnerabilities.
  • Ask yourself — do you need it? Make sure internet-connectivity is something you really need on the device you’re using. In many cases, internet-connectivity is not necessary for the device to function properly.

 The Supercomputer in Our Pockets

Smartphones are not regularly considered part of the IoT because we tend to use their internet-connectivity actively, rather than passively. But they are undoubtedly much more powerful l— and important to protect — than our other devices. Smartphones have proliferated to the point of near ubiquity over the past 10 years. There are over 2 billion in the world today. Contained within each is often a person’s entire digital identity.

The dangers of unsupervised web surfing are well known. We teach children not to talk to strangers online, to never give away personally identifying information and to always use strong passwords. But smartphones have changed the equation. Not only do these devices provide constant access to the open web, but they put video and audio recording capabilities — not to mention GPS — on a person at all times. Privacy vulnerability is a huge concern.

A great teaching moment occurred last year with the release of Pokémon Go. Like many apps, the game connected with users’ Gmail accounts. But because of a coding error, many users unwittingly granted full access to their email accounts to the creators of the game. The company quickly fixed the error, and no data was compromised. But the incident shed light on just how easy it is to share digital information with apps.

Here are a few tips that students can use to protect their privacy while using smartphones:

  • Research apps before signing up for them. Is it from a reputable developer? Has it had security issues in the past? Use the same approach as when researching IoT devices.
  • Look over the terms of service. What information does it require? Does it track or store your data? Can the developer sell your information? All of these questions are important to consider.
  • Be careful when linking apps to your social media accounts. Giving apps access to your social media accounts makes them vulnerable to hacking. Is there a good reason for the accounts to be linked? Can you sign up without linking to a social media account?
  • Use two-factor authentication. Two-factor authentication requires authorization beyond a password when using unrecognized devices such as entering a code sent to your cellphone. As apps allow, be sure to use two-factor authentication which will make it more difficult for hackers to access the information stored in your apps.

When kids become informed about internet privacy and cybersecurity, they will not only acquire the knowledge they need to protect themselves, but also find opportunities to conduct research and academic exploration that is relevant to their lives.

Featured

  • two large brackets facing each other with various arrows, circles, and rectangles flowing between them

    1EdTech Partners with DXtera to Support Ed Tech Interoperability

    1EdTech Consortium and DXtera Institute have announced a partnership aimed at improving access to learning data in postsecondary and higher education.

  • Abstract geometric shapes including hexagons, circles, and triangles in blue, silver, and white

    Google Launches Its Most Advanced AI Model Yet

    Google has introduced Gemini 2.5 Pro Experimental, a new artificial intelligence model designed to reason through problems before delivering answers, a shift that marks a major leap in AI capability, according to the company.

  •  laptop on a clean desk with digital padlock icon on the screen

    Study: Data Privacy a Top Concern as Orgs Scale Up AI Agents

    As organizations race to integrate AI agents into their cloud operations and business workflows, they face a crucial reality: while enthusiasm is high, major adoption barriers remain, according to a new Cloudera report. Chief among them is the challenge of safeguarding sensitive data.

  • stylized AI code and a neural network symbol, paired with glitching code and a red warning triangle

    New Anthropic AI Models Demonstrate Coding Prowess, Behavior Risks

    Anthropic has released Claude Opus 4 and Claude Sonnet 4, its most advanced artificial intelligence models to date, boasting a significant leap in autonomous coding capabilities while simultaneously revealing troubling tendencies toward self-preservation that include attempted blackmail.