Hackers seem to have a new target in the United States – schools. And it’s not just the school system; the hacks are directed at data about kids, such as social security numbers, discipline records and even medical records.
So far, about 30 schools have had their systems hacked into and their data compromised. In some cases, the hackers diverted money intended for employee paychecks, for which the schools ended up paying the difference. In other cases, schools were hit by ransomware and had to pay thousands of dollars to retrieve their data.
The worst cases are where parents of kids receive texts threatening the lives of their children.
While most instances of death threats could be fake, and merely intended to frighten the parent, the fact that it’s happening is alarming. Hackers typically get into systems for monetary gain or to gain notoriety within the hacking community, but the trend seems to be spreading into other areas.
The only way to preempt this sort of situation is to implement the latest cybersecurity protocols and keep all software up to date, but that’s not always possible for institutions whose resources may already be stretched to available limits.
On one side, there’s the argument that maximum sentences for cybercrimes are far too lenient. On the other side are those who say that laws like the Computer Fraud and Abuse Act are too vague and broad, with very harsh maximums on relatively harmless crimes.
The problem seems to be a big gap between the sentencing norms for cybercrimes versus physical crimes. In one particular case a few years ago, Aaron Schwartz, who committed suicide, faced 13 counts of felony for hacking MIT’s networks and downloading articles from JSTOR without permission. The relatively harmless crime potentially carried a much more severe sentence than violent physical crimes like rape.
What’s the solution? Only a full review of pertinent cybercrime laws against relevant physical equivalents seems to be the way. But will that happen anytime soon? That’s anyone’s guess. Meanwhile, cybercrime and the sentencing of offenders appears to be a moving target.