Cyber threats: Some thoughts

The recent WannaCry ransomware outbreak clearly identified the importance of keeping operating systems and other apps up to date to protect against identified vulnerabilities.   Given the high level of news publicity it is likely that a lot of us went home and updated our home PCs and also checked with IT departments to make sure they had done the same with company machines.    The outbreak, in my opinion, highlights a number of critical issues.

The vulnerability in this case had been previously identified and a patch made available by Microsoft, as such had all machines in the world been patched the impact would have been minimal.     But what if the vulnerability had not have been previously identified?    Had this been the case the attack could have been considered as a “zero-day” attack as it would have been on an unidentified vulnerability.    This would therefore have required the identification of the vulnerability followed by the coding and release of a patch, all post the initial infection.    In this case the impact of the ransomware would likely have been much more significant than it was.

The WannaCry Ransomware was specific to machines running Microsoft operating systems.    This has already resulted in a number of comments online suggesting people make use of Linux or Apple as these weren’t affected, suggesting that these may be safer systems.    As an operating system Microsoft has the predominant share of the desktop and laptop markets although the specific figures are difficult to ascertain.    This makes Microsoft machines a preferred target as there are simply more machines to attack.    Although there are differences in how the operating systems are managed, with Apple using a very closed development process and Linux using an open source approach, Apples OS, Linux and also Microsoft OS’s are all equally complex.   It is in this complexity that lies the risk of as yet unidentified vulnerabilities with equal risk across all the above OS’s.    The difference currently lies in the fact that Windows is the most common desktop OS, however if we were all to go out and buy an Apple or install Linux, it is likely the threat of attack would follow the masses.

My final issue is that of the devices we don’t give much thought to.    We think about the operating system of our laptop or desktop and even these days of our phone, and in thinking about these we carry out, or not, the required updates.    Our homes however increasingly contain more and more internet enabled devices and I would suggest we don’t give these the same level of thought.   My router, with which I connect to the internet, runs software in order to allow it to connect, to allow it to present an admin page along with providing other functionality.   This software is basically its operating system.     Your SMART TV runs an operating system which allows it to respond to your voice commands, search the internet and also carry out its other functions.    Your web connected home surveillance system runs an operating system which allows it to connect to cameras around your house and to allow you to connect in to view footage remotely, again, along with other functions.   And what about your wireless printer?    The above is the tip of an ever growing iceberg, however do we know how to upgrade the software in these devices to protect against identified vulnerabilities?   Do we know whether these devices automatically update or how to change the update settings?   Do we know how to check the version number or when the last update was done?

Microsoft called the recent attack a “wake up call”.   I tend to agree.    We need to be more aware of the implications of the use of each technology item, be it hardware or software.   We need to be aware of the risk to which usage exposes us as well as the precautions which we need to take.

My biggest take away from the whole incident is a reminder of what Nassim Taleb described in “The Black Swan”.   On Thursday 11th May all was well, systems were generally safe and precautions were in place.   Largely we didn’t expect a serious whole world cyber incident.   By the following day it was clear all was not well and that significant vulnerabilities existed.   A global cyber incident was underway.   A lot changed in a day and we didn’t do too well at predicting and preparing for it.    What shape will the next incident take if we can’t predict it?     And are those areas where we believe we are the safest those which are most at risk given we are unable to predict the unexpected?

A cyber learning opportunity

The global cyber attack of yesterday marks a learning opportunity in relation to discussing cyber security with our students.     It is important that our students are aware of the implications of such attacks including the impact and also the measures that can be taken to protect against attacks being successful or at least minimise their impact.

So what are the key learning points to take away from this incident and to discuss with our students:

OS and Software Updates:

One of the key points to take away is ensuring that desktop and server operating systems are regularly updated.  This includes updates and also upgrading of versions, for example upgrading from Windows 7 to Windows 10.    Older operating systems eventually stop receiving support from those that produced it, meaning that new security flaws which are identified go unaddressed leaving users vulnerable.  Support for Windows XP ended back in 2014 so users of XP would be vulnerable to flaws identified between then and now.     For more modern operating systems such as Windows 7 and 10 the key here is the updates.   These updates provide the fixes to security flaws as they are identified and therefore it is important to keep your system updated to make sure vulnerabilities are promptly addressed.      This expands beyond operating systems to application software as well, as equally applications which have not been updated may expose users to vulnerability which the appropriate updates would have addressed.

Data Backup:

In the case of ransomware backup is critical as the virus will encrypt all files it can get access to.  As such at this point you can either pay the ransom which may or may not get you your files back, or, assuming you have kept backups, roll back to your latest backup with only minor loss of data.    As such regular backups represent the best protection against ransomware attacks.   The more regular the backup the less the loss so a weekly backup means a loss of up to a week worth of work, whereas a nightly backup reduces this loss down to 1 day worth of work in the event of a successful ransomware infection.

User Awareness:

The weakest point in the network is usually the user, the human being making use of the system.   An IBM report from 2014 identified that 95% of security incidents involved a human being.    It is unlikely that this figure has changed much.   As such it is important to try and educate users to exercise caution and to be aware of the precautions they should be taking in relation to suspicious emails, password security, etc.


While not protecting you against zero day attacks or new variants anti-virus will provide some protection against existing identified threats.   It is also worth noting that new anti-virus products are introducing new capabilities such as heuristic based identification of threats and sandboxing to provide additional protection.


A key security maxim has always been assignment of minimum privileges required.   This means ensuring that users only have access to the files that they need to have access to in order to carry out their role.    This includes defining whether a user is limited to reading files or can in fact modify or delete them.    This also includes whether users have access to specific networks or whether their access is limited, such as in the case of a guest user.     By limiting access in this way we limit the impact of ransomware or other viruses to some extent.   As such in looking at the resources on our network assigning the minimum privileges is a key step.


The recent attack is the largest attack I can remember since the Love Bug Virus which I vaguely remember from back in 2000.   It is likely that such attacks will become more common as we become more and more connected and reliant on technology, adding more and more connected devices into our homes and using more and more software apps in our daily lives.   As such, in preparing our students for the future, it is important that we take every opportunity to discuss how these attacks can and do impact on us and how we might all take appropriate precautions.    With the latest incident so widely reported in the news, now is a good time.



Home network security and digital literacy?

Our home networks have been ever growing.   Originally it was just having a basic network for a PC at home, which at the time was usually just a desktop connected to a dial up connection.    Now however, we have a host of devices, games consoles, personal devices and home appliances all on our home network, all adding to the complexity and therefore the security risk of our home networks.

Following on from our basic dial up connection our home network started to grow, first with the addition of Wi-Fi capability to allow internet access for laptops and also mobile phones.   Next, with the introduction of broadband and fibre, our children might have introduced a gaming system such as a PlayStation or Xbox into the house again linked to the network and the internet.   Next we start introducing networked and then Wi-Fi enabled printers before moving on to add home helper devices such as the Amazon Echo or Google Home.   We might even have added Internet of Things devices to our home network such as remote managed heating and lighting, or an internet enabled fridge freezer or kettle.    Internet enabled, and therefore network connected, surveillance may have been added in the form of a home security system or possibly a baby monitoring system.   The list of network connected home devices continues to grow and with that the complexity of our home networks.   They are now at a point where the complexity of a home network may equal or even exceed that of a small business network.

The issue here is security.      When we pick up our laptop to go on the internet to access our personal banking we assume it is safe to do so due to the various safety features on our laptop and on our Wi-Fi router.     We think about our security largely in terms of separate devices however our network security is largely based on the sum of all devices connected to the network.      Therefore, the more devices we have connected, the more complex the network becomes and the weaker the network security becomes.

Our network security is largely based on the security of the weakest devices.  So have we taken time when connecting a new device to review the available security options and to change the default passwords?    Actually, have we considered security when purchasing the device in the first place?    And in the longer term do we revisit the device and perform updates to ensure that the software on the device is such that any identified vulnerabilities have been addressed?

We talk about digital literacy and how we want our students to be literate in the use of technology however the security aspect of our home networks if largely overlooked.     The question is can you truly be digitally literate if you are using your home network without considering security?   Can you be digitally literate if you happily add additional devices to your home network without concern for the security implications?     Another question is where do we cover these issues in our teaching of digital literacy within schools?

Digital Literacy and big brother

Further to my recent post on digital literacy I thought I would revisit one of the areas I mentioned in a little more detail.    The implications of technology use makes for an interesting discussion with students in that there are some implications which we are well aware of, some that we are less aware of and more than likely a whole heap of implications which we haven’t as yet realised.

Taking the implications which we are currently aware of and discussing online safety, or e-safety as we previously called it, has serious implications and as such is being discussed in schools.    We are already discussing with our students about the dangers of people misrepresenting themselves on the internet, the dangers of posting too much personal information on the internet and fake news, which has been the subject of discussion in schools for some years, again hitting the headlines.   I remember teaching about the spaghetti crop failure as a way to illustrate about fake news some 10 or more years ago.    We are also discussing and teaching about the permanence of online data and how once the post, photo or video is out there it is impossible to delete.    Online privacy and security settings are also a topic of discussion with a particular focus on social media usage among our students.

The above are what I consider to be the main areas of discussion in schools around technology use.    Some lesser consideration is given to the impact of search engines such as google.    As we all use google to search for information, we all end up getting the same search results.    This potentially has the impact to narrow our focus as we seldom look beyond the first few results in google, the results which represent the popular answers.     This in turn might obscure from us alternate lines of thought and resources which previously we may have come upon in a book leading us to explore different pathways and possibly even arrive at alternative or even better solutions.

Sticking with google we also need to recognise the purpose of the site in that Google is a business.   As such they need to make money which they achieve through advertising.    What are the implications of their need to sustain or even increase their revenue on the search results they return, the way the present the results and also their gathering of data in relation to the searches we do?    Facebook, Twitter, Pinterest, etc are all businesses so we need to bear this in mind.

This brings us nicely to another implication in the data gathered about us.    If we are logged in to google when we run a search, and we have location services on then google will have gathered information about us in details of the search, the time and the location.     They can, from this, build a profile of our search habits, our interests, our geographical locations and search habits in different locations and at different times.   From this they may be able to work out where we live, work and socialise including the frewuency of each.     Combined with the search habits of our family members they may then be able to start building a profile of the family.    Are we happy with this?     When I think about it I also give thought to the TV series Criminal Minds where the FBIs Behavioural Analysis team are able to gather basic information from a crime scene before providing a detailed profile of the offender or Unidentified Subject, Unsub, for use by law enforcement in arresting the said Unsub.   Through googles data gathering they can identify a lot about us as individuals and our families, beyond the data they gather, by statistical analysis.     And this extends way beyond just Google with Facebook, Target, Amazon, etc. all gathering “Big Data” for use in statistical analysis for the purposes of identifying trends and profiling.

A bigger question which may be how might the data gathered be used in shaping peoples views and perception.    This was raised in relation to Facebooks coverage of the US elections.    Through profiling of users a site or service may choose to feed users with materials targeted at them in order to change their voting or other preferences.     For example, as a user my profile may show that I am very focussed on human rights, via my search habits and postings on social media, so the service shares with me articles and incidents where the actions of the party which the service do not want me to vote for have infringed on human rights.    At the same time they may show me materials on where the party they want me to vote for have taken noble actions in relation to human rights.     When I find myself ready to put my cross on the voting ballot paper I remember one party which was good in relation to human rights, an area I focus on, while the other party were not.   I therefore tick the form accordingly however how much of my decision was influenced by technology and profiling?   Was it my decision at all?

Looking at emerging technologies, the internet of things (IoT) is definitely growing in profile.   As such more and more devices are being connected to the internet including fitness trackers, home security systems, heating and lighting control and many more systems.   We also have devices such as Amazon Echo and googles equivalent device.    Each of these devices gathers more data about us and our habits.    This data in turn can be used to infer further data about us through statistical methods.  Is this Orwells big brother becoming reality as we introduce more technology into our lives, allowing more and more data to be gathered about all we do?

I am very much for the use of technology.   The key though is in the need to consider the implications and act accordingly.   The world generally, in my opinion, exists in balance and therefore for every gain or benefit of technology there is a flip side, whether we know it or not.     With our students who often eagerly adopt new services and tech for their perceived or advertised benefits the key is the need for us as educators to ensure that they have considered the other side.


Digital Literacy

A post be @trainingtoteach on twitter got me thinking about what we mean by digital literacy.    This instantly caused me problems as it covers a rather broad spectrum.   As a result I decided to write this post in the hope of gaining some insight in thinking about digital literacy and trying to type up this post.

My first thoughts on “what is” digital literacy weren’t really getting me far so I decided to take a slightly different approach.    I decided to approach it from the other side of things and what is NOT digitally literate.

Not being digitally literate would involve being unable to make use of digital technologies.   By this I don’t mean being unable to make use of specific apps but being unable to make use of technology to solve a specific need or problem.    I think the need for a problem or a task is key as we don’t just use technology, we use it for a purpose.

Giving some consideration to what the problems might be and communicating with others, research, managing ourselves and others (e.g. online calendars and productivity tools), creating content to meet a specific need and modifying or combining existing content to create new content all jump to mind.   This seems to align a little bit with the so called 21st century skills.    I suspect with more time I could arrive at more problems or better define them however the focus of this post is on what it is to be digitally literate.

When encountering a problem we first need to be able to identify that technology could help us.   Someone who isn’t digitally literate may be unable to arrive at this conclusion.   Next a non-digitally literate person, upon realising technology can help, may not know what tools to use.    A person who is not digitally literate would be unable to progress from here as they would know little of the available tools plus be unable to carry out research to identify tools that would be able to help.   They would also lack the ability to use communication and collaboration tools such as twitter, email, etc. to ask others for support.     Even if they can identify tools they may have difficult in identifying the best tool for the given situation. They would lack the knowledge, understanding and skills required in identifying what technologies tools to use as well as why a specific tool is the best option.

Assuming a person manages to get past the first phase and identifies appropriate software and hardware the next phase would be to make use of the technology to solve the issue at hand.    A person who was not digitally literate may be unable to use the tools at hand.    They would lack the skills and experience.  They would also be unable to use research tools, etc. to try and learn a new tool.   They wouldn’t be able to use trial and error or intuition and the hopefully appropriately designed user interface.    How to use the technology would present a problem.

Another area a non-digitally literate person would have difficulty with would be finding and creating resources.   They wouldn’t know where to find images or audio files for use and would also have difficulty with creating their own files.

The issue with resources brings me nicely to another area where the non-digitally literate user would have difficulty.   They wouldn’t understand the implications of using resources from other users.   They wouldn’t understand copyright or licensing including creative commons licensing.     The failure to understand implications of technology use would likely extend beyond just copyright into areas such as online safety and privacy.    They may not understand the implications of posting a personal image on Facebook with poor privacy settings.

So being non-digital literate is not knowing what do use, why to use and/or how to use it.    It is also not understanding the implications of technology use.    I cant help thinking that this isn’t any different from having the skills and experience to use any tool, technological or not.   If I am a tradesperson do I not need to know which tool to use and when.   Do I not need to have the skills to use it and an understanding of the implications of its use?     When we talk about language literacy are we not talking about using the correct terms, syntax, etc. and therefore knowing what, why and how to use the tool of language, along with the implications?

So why are discussions of digital literacy so complex?





The internet isn’t working. A disaster?

Yesterday afternoon while sat at home I suddenly started to experience internet issues, with my routers connection being intermittently lost.   I immediately carried out the usual checks to see if I could identify the issue however nothing on the internal network at home seemed to be amiss.   As such it was time to call my network provider to ask them to look into the situation.

Ok, so my first thought was: “time to google their helpline phone number.”

Not a great start given internet wasn’t working plus my home is very much a 4G/Mobile communications black spot.   And so it was I had to rummage through old paperwork in the hope of finding the sky customer service helpline number.    Thankfully I keep my paperwork so it didn’t take too long to find a number and get in contact with the helpline.

Having been told it would be up to 72 working hours before an engineer would be able to look into the issue I was very impressed when a call came through from an engineer only 4 or 5 hours after my initial call.   He promptly arrived and looked into the issue, pronouncing shortly after 5pm that he would need to investigate further and that this would be done the following morning.

And so I found myself, and family, sat without internet over the evening.   I repeatedly found myself in the early parts of the evening, accessing the router to check its status in the hope that internet would have been restored as if by magic.   Upon realising the futility of this I put my devices aside but still found myself periodically reaching for them to check my twitter, email, etc. again in the hope that the internet issue had got bored and resolved itself.    As it was it hadn’t.   In hindsight I cannot see what reason I had for believing my connection might have re-established itself without outside intervention.

The above goes to show how important, going on essential internet is.   I had an issue and the first place I wanted to look for a solution or a contact who might be able to assist was the internet.   Despite clear awareness of the fact the internet wasn’t working I repeatedly, due to habit and learned behaviour, kept reaching for my devices to access the internet.

Have you ever taken time to stop and look at your usage and reliance on technology?   Is this something we need to discuss with our students including the need to “disconnect”?



Data: Making better use?

One of my areas which I want to work on over the next year will be that of Management Information.   In my school as in almost all schools we have a Management Information System (MIS), sometimes referred to as a SIS (School or Student Information System).    This systems stores a large amount of student data including info on their performance as measured by assessments or by teacher professional judgement.    We also have data either coming from or stored in other data sources such as GL or CEM in relation to baseline data.   These represent the tip of the iceberg in terms of the data stored or at least available to schools and their staff.

Using the data we then generate reports which do basic summaries or analysis based on identified factors such as the gender of students, whether they are second language learners of English, etc.  Generally these reports are limited in that they consider only a single factor at a time as opposed to allowing for analysis of compound factors.   So gender might be considered in one report and then age in another, but not gender and age simultaneously.   In addition the reports are generally reported in a tabular format, with rows and columns of numeric values which therefore require some effort in their interpretation.    You cant just look at a tabular report and make a quick judgement, instead you need to exercise some mental effort in examining the various figures, considering and then drawing a conclusion.

My focus is on how we can make all the data we have useful and more usable.    Can we allow staff to explore the data in an easier way, allowing for compound factors to be examined?    Can we create reports which present data in a form from which a hypothesis can be quickly drawn?    Can the data be made to by live and dynamic as opposed to fixed into the form of predetermined “analysis” reports?   Can we adopt a more broad view of what data we have and therefore gather and make greater use of a broader dataset?

I do at this point raise a note of caution.   We aren’t talking about doing more work in terms of gathering more data to do more analysis.  No, we are talking about allowing for the data we already have to be better used and therefore better inform decision making.

I look forward to discussing data on Saturday as part of #EdChatMeda.    It may be the after this I may be able to better answer the above questions.