Episode 245 - New Year, New Cyber Attacks - K12 Tech Talk

Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
On this week's episode of the K-12 Tech Talk podcast, we're back for the new year, but

(00:05):
unfortunately, the holiday break came with a spike in some cyber attacks.
We talk strategies for vacation periods and discuss what we look for when interviewing
candidates for school tech support roles.
Thanks for listening.
Live from the NTP studios, this is the K-12 Tech Talk podcast.
I am Josh here in mid-Missouri.

(00:26):
Down the street is Chris.
Hello, Chris.
What's up?
We're both tech directors here in the great state of Missouri.
And then over on the far side of the country, on the East Coast in New England, we have
Mark.
Hello, Mark.
Hello.
Is your real name Marcus or is it Mark?
It's Mark.
It's Mark?
Okay.
I've been watching that Puff Daddy documentary, so I'm learning more about the East Side.

(00:50):
I wouldn't watch that.
I was going to ask about what Santa Claus brought you guys, and Chris went way off here.
We took a nice little Christmas break the last two weeks, rejuvenated.
Mark's skin is glowing tonight.
He is nice and rejuvenated, centered as he is practicing the-
Did you get some new oils?

(01:11):
That is not the right- No, you cannot ask Mark that question.
New lotions perhaps?
No, you can't ask that question either.
New body spray?
So what I did get that has helped me rejuvenate is, I had never heard of this before, Brick.
Have you heard of this?

(01:32):
This cell phone thing?
Just because of you?
Yeah.
Yeah.
Just because of you.
It has changed my life.
You can choose what apps that you want to block.
It's just like the same software you have on an Android or an iPhone, but the difference
is to unlock those apps, like a physical square if you tap your phone onto.
And the goal is you put that physical block, that brick, somewhere out of reach.

(01:56):
And multiple times, I'll open up my waste of time apps and it's like, no, this is a
distraction.
And I'm like, well, I'm too lazy to walk over the fridge.
So success.
I get that.
So you get your laptop out instead and just do it from your laptop.
Yeah.
He just moved on to a bigger screen.

(02:16):
I'm never on my phone.
Yeah.
Yeah, my screen time on my phone has gone down, but damn, my laptop battery won't last
for anything.
No, that's cool.
Yeah.
You're not wrong on that one though.
Chris, did Santa Claus bring you anything?
Well, I was trying to think about that.
I got some books, you know, I think that's it.

(02:38):
Reading?
What the heck?
Yeah.
Well, I like C.S. Lewis and then I've never read the Narnia stuff.
Oh, really?
Wow.
Not correct.
I have I have a tip for you to skip book one.
No.
There are Narnia movies.
Watch the movies.
Yeah.
Just watch the movies.
Skip the book.

(02:58):
Well, there's new Netflix or something coming out, Narnia.
And I thought I need to get ahead of this.
Hmm.
Interesting.
So we'll see.
I got new battery pack drills.
I'm excited.
It's been a couple of years since I've had battery pack drills.
What do you what do you drill anything like I changed the light switch last week.
I used the drill to change to get the screws out on changing a light switch.

(03:21):
I replaced the an exhaust fan switch in our bed in our bathroom to a timer switch.
So you just go in and you hit 45 minutes and it automatically turns off now.
Oh, that's nice.
It's better than sitting there with a stupid manual screwdriver trying to get it out.
An hour and a half later, you have one screw out.
Look at you, handyman.
I know I am a regular Bob the Builder.

(03:43):
New year, new Josh.
Yeah.
Same old bourbon, though.
Chris, do you want to hit a sponsor before we get into the news?
Yeah.
Meter going to hang out with us for a couple months in 2026.
Meter delivers a complete networking stack.
They do wired, wireless, cellular, all in one solution.
They can help you get fast, secure network.
You can kind of think of them as like a subscription based networking thing.

(04:06):
So reach out to them.
It's E-rate time.
They can they can walk you through that, too.
So it's meter dot com slash K-12 tech talk to book a demo meter dot com slash K-12 tech
talk.
All right, Mark, you have it's been two weeks.
I am sure you spent a large portion of Christmas break just scouring the interweb for valid

(04:30):
news stories, right?
Listen, going back to that whole brick thing, the absolute best thing I could do is block
the news app.
So that is that has saved me over the last few weeks.
But in terms of EdTech news, obviously, it's been a little bit quiet.
But what I noticed this week, the first I would say news article is not really one article,

(04:52):
but but but many.
And that was what stuck out to me was that many, many schools, multiple schools got hit
with cyber attacks over the holiday break, some of them not even being able to open on
Monday of this week.
So it was very, very unfortunate to see that we did see a little bit of a spike over the
break.
And it kind of goes back to that that old adage that the bad guys are watching and they

(05:15):
know when schools are not watching.
Yeah.
So unfortunately, I don't think it was a coincidence.
I do think that it was very intentional that these schools were attacked.
We saw schools in Illinois, Alabama, England, California hit with cyber attacks.
And at least a couple of them were bad enough that they could not reopen this week.
And one of them is still trying to recover.

(05:36):
So our heart goes out to schools that are going through that one.
Josh, Chris, anything, any advice that you have of how to prepare for a vacation?
What are some things that you could possibly do to prep for, you know, that that time away
when you know that guys are getting ready to attack?
A couple comments here.
One, if you've been hit, call Chris in K-12 Tech Pro, they will send you pizza.

(05:59):
But what he won't tell you is he will make you do a keynote at the next conference.
And then you come for a keynote.
No, we'll just give you we'll give you pizza.
If your team's not in the pizza, we'll send you whatever is local to you for sure.
I mean, paranoid, Josh would say, just unplug the Internet.
But that really doesn't protect your like mail accounts, your Google accounts.

(06:22):
So, you know, it's one of those things, a wing and a prayer.
I don't I don't know.
We always had a checklist where we check for, you know, check our admin accounts,
make sure that we didn't have any unknown accounts.
If there was something that was, you know, something that was going to be out of country
or out of pocket, we would say, OK, we're going to suspend your account just to be safe.
But definitely checking your domain controllers and making sure that everything looks good.

(06:48):
Even though you're right, you can't always prepare for everything.
We say easily, you know, have have a sock.
We always plug NTP in particular.
But that peace of mind, because that that they are paid to work over the holidays.
So if you can have a third party monitoring your stuff, well, that's peace of mind, at least.
But they're actually doing that work, too.

(07:09):
You know, I think the only other thing that would be the revisit sometimes is does the school
and that's a change of contract and culture and the whole bit.
But maybe tech department shouldn't be taken off like tech department takes off.
We don't be paying attention to checking in a lot more.
We yeah, but you're not sitting around Christmas morning in the server room.

(07:30):
No, but I live extremely close.
And you know, me, if I get an alert on my phone, I'm taking action.
And you know that that OK, so that's a good point.
Do you have automated alerting set up so that you and we'll get into this
and that we have a listener email from a listener named Lawrence.

(07:51):
But do you have automated alerting set up to where if you do have an unexpected
international log in, are you getting that notification in your email real time
or are you checking those logs six hours later and taking action six hours later?
So I think that applies to even non holiday break times.

(08:13):
Yeah, we just chased the rabbit of a DNS issue at our at our school this week.
And how we found out someone had an issue.
We have a monitoring thing on a monitor in the office that had a little red box on it.
And then another little monitoring thing went off.

(08:34):
Those are visible things because I was sitting in my chair.
I could also go look into those systems and like I could see that there were errors
happening. And even to talk about email alerts and things, I filter those to a spot
that I check out every once in a while.
So a holiday or a weekend or an off, I'm not sitting there with my eyes on it.
And I don't have users complaining about it either.

(08:57):
That's the big difference. So if you can automate stuff to take action.
Well, like Josh said or Mark just said to like to turn off an account and then make it be
turned back on. If you can automate.
Yeah, let's shut. Even what you just said, let's shut it off.
Let's automate turning things off over the holidays.
You'd rather that than the opposite thing and the bad thing happening.

(09:20):
Man, so that that is an interesting discussion, Mark.
You know, if you're turning off admin accounts, if you know somebody is leaving, you
know, to go to Italy for Christmas or whatever.
I don't think it's a really a bridge too far to say, OK, what non-critical services
do we have or are boxes that are running that we could

(09:43):
shut off over a Christmas break?
Like, you know, that may be a very real conversation to have.
Like, OK, so it's no secret, Chris and I, you, you, we migrated off of
Tyler's K-12 a couple of years ago.
We I still have our old sys on servers that every once in a while we have to spin

(10:05):
that box back up.
But right now, that box, unless there is someone that has a legitimate need to be in
that system, that box is turned off.
So, you know, it wouldn't it wouldn't necessarily prevent a bad thing from happening if
somebody got root access to my VM console, but it would prevent, you
know, just that that natural poking of a server if the if the box is turned

(10:30):
off and not responding to to pokes or pings.
Maybe that's not too far out of the realm.
Yeah. It's a little bit more work in an environment like you were in, Mark, that I think
that's a probably a harder pill to swallow than in an environment like Chris
and I, because we're we're smaller, we're a little bit more agile, where you at your old

(10:52):
district, you likely had people working the majority of Christmas break.
There was someone on campus doing something at some point.
Well, there was always downtime.
And I also encouraged people to take downtime.
You know, I sure I didn't want people stare at their phones during the breaks.
And I don't think they were going to anyways.
But to your point, Josh, around, you know, shutting things off after hours, I will say a

(11:14):
funny story. One time we had a crisis in the district.
It was a crisis of a master schedule the day before school.
And I found myself in a high school.
No big, no big deal.
Only, you know, not having a master schedule the night before school starts.
And I found myself in the guidance office of this school with like five or six of us

(11:35):
trying to figure out the schedule at one in the morning.
And all of a sudden people like I can't get in the system.
I can't get in the system. And I had forgotten that the team had protocols in place to
shut traffic down at 1 p.m.
or 1 a.m. So we load all into my car and I walk up to my front door.
My wife's like, do you know what time it was?
And then I was like, this is only going to get worse.

(11:56):
And then out of my car comes a guidance team for one of the local high schools.
And we crammed through the rest of the night on my home Internet connection trying to
finish the schedule.
Oh, my gosh.
I do like the thought of.
Unplugging the Internet for the holiday.

(12:18):
So like, yeah, teacher, you can be on your laptop at home checking your your Gmail,
but you can't do it at school for these days that that's at least protecting your
your school servers and your school things.
And in public, that public interface.
Yeah. Again, that's a real thing you're doing.
You're literally unplugging something.
And yeah, but nowadays, with everything being in the cloud, it's kind of like, well,

(12:43):
what's the point? Yeah, right now.
Yeah. Our number of on prem systems has dramatically decreased over the last five
years. Mark, you shut down Wi-Fi at 1 a.m.
every night. I don't I don't remember the specifics of it.
OK, I don't think they do that anymore.
I mean, we have so many things that ride on the Wi-Fi.
I think at the time there was there was some security measures in place.

(13:06):
I remember the team saying this is to prevent a virus from.
Ripping through systems in the middle of the night, but yeah, yeah, makes sense.
All right. What else you got? All right.
This is a different one. So this is from e-school news.
They talked about the rise of psychoeducational testing being done remotely.
So people may be familiar with the Woodcock Johnson test.

(13:28):
It's around cognitive abilities.
Very, very common assessment that's been delivered for years in schools by in-person
counselors. Well, now with increased demand for special education services, challenges
getting certified professionals to deliver assessments, more and more schools are
turning to remote educational psychoeducational services being delivered or assessed

(13:51):
online. A lot of concerns brought up in the article, a lot of, I would say,
solutions. But for me, this article stuck out because now we have students receiving
high stakes exams through video conferencing and you have educational professionals
who might be in a different town or a different state conducting high stakes exams,

(14:13):
cognitive exams. Are you experiencing this in your school?
If so, are there any specific things that you need to do to prepare for something like
this? This is going to sound horrible, but I don't know.
I don't I don't think we're doing that virtually, but I honestly don't know the answer
to that. I think we're still using exams that require a CD.

(14:36):
If I'm being real honest, I know there is one that we give that every time it's a new
computer, oh, we got to find a CD.
It's like Hawthorne or something.
And there's a yes.
And we got to go find a CD-ROM drive, install it, and then Windows isn't like the install
is not going to work. You got to call the company and they like email you some files to

(14:58):
copy paste. Is that is that because like it's an old exam or because the person in charge
of it refuses to pay the annual subscription for the cloud version?
I think it was like I paid for this CD.
I'm going to use it. Well, and I think it's the guy that developed it died.
You know, it was one guy and he died.
So it's not being developed anymore.
Like, yeah, it I Chris, I think we had that product for a while.

(15:23):
You copy paste files like you copy paste some files into a folder, you know, very old
school feels like Windows 98 to me.
Yes. So I'm against this.
I was going to ask you if you have any concerns with with remote psycho evaluative tests
being done, but I guess you're still working on that CD-ROM.

(15:46):
Yeah, I got my own concerns.
Where's the CD?
Where is the external CD-ROM drive?
Yeah, this is just that that thing of technology replacing the person, right?
Like less people getting qualified for this.
OK, we could ship it off to a company.
Yeah. If you have a hard time attracting diagnosticians or psych examiners.

(16:10):
Yeah. OK, yeah, that was one of the points in the article is that this is happening in
remote schools that are challenging or that are finding challenges getting staff, qualified
staff to deliver it in person.
They did conduct a large scale national study on this, comparing in-person and remote
administration, the Woodcock Johnson, and found no discernible differences in results

(16:31):
between the person and remote.
So I think the as as uncomfortable as this feels for me, the data does at least show
that there is a there's no significant disadvantage or advantage to remote psycho
evaluative tests.
That's really interesting.
I don't know what like the super small rural school does today, but you would think that

(16:54):
it would you would help them.
Yeah, yeah.
At the school in the middle of the forest or whatever that has very limited staff.
Absolutely. It's telemedicine, right?
Like we sure a lot of schools, a lot of hospitals have been doing telemedicine for years.
And so now we're starting to see this hit schools.
All right. And then the last story that I had, I think, Josh, you had one as well.
But USAC has released some data on the E-Rate cybersecurity pilot so that we have some

(17:18):
preliminary data on the 471s that have been submitted.
Just for background, the USAC has a currently a $200 million pilot for cybersecurity and
E-Rate. And so it's very similar to the normal E-Rate process, but funds dedicated
specifically for cybersecurity.
They did find that it wasn't a complete 100 percent participation rate, but it was very

(17:40):
high at 89 percent of participants who were selected have filled or filed for 71s.
That amounts to about just under 80 percent of the program budget, the pilot budget, which
is fantastic. And they have representation from all 50 states.
You know, I find that interesting, that number of 89 percent participation rate, because

(18:00):
we were hearing for a while, oh, all these people were selected and, you know, a huge
number are turning down the opportunity because of, you know, sight, whatever reason.
But we were hearing stories that there was a ton of people turning down the opportunity.
But shoot, man, 89 percent participation rate.
I feel like that's good.
Yeah. Yeah.

(18:21):
No, I think it's good. I think it also shows, too, you know, a lot of people wait for the
last minute. So, you know, they're filling their submitting their 471s.
Right before the deadlines.
Yeah. Interesting.
Interestingly, the data shows that, you know, data or the service categories are pretty
evenly broken out.
There's not any like major spikes, but the highest category at around 44 percent was

(18:42):
monitoring, detection and response.
I'm not surprised, I think, as we've talked about just a few minutes ago with with what
to do over Christmas break comes down to monitoring and detection.
So it's good to see that a lot of schools are investing in that one.
The next largest category, around 25 percent, was identity protection and authentication.
So schools looking for MFA, they're looking for modernizing their identity systems.

(19:03):
So that's great to see.
The other categories are on endpoint protection, advanced next gen firewalls, both
around, you know, above or below 15 percent.
So no significant differences there.
I have a dumb question.
The difference between monitoring, detection and response and endpoint endpoint
protection, I'm assuming monitoring, detection and response is maybe by a third party, a

(19:27):
SOC and endpoint protection is literally just the EDR application.
Am I am I. Is that right?
Well, yeah.
So yes and no.
So to your point, the definition of endpoint protection is just, you know, on device, on
user device software, that kind of stuff.
And obviously there's going to be some monitoring and detection there.
Monitoring, detection and response really is geared more towards networking.

(19:49):
The tough part about this one, I spent quite a lot of quality time looking at these form
70 ones over the fall period, and it really is up to the user to kind of check off what
box they're putting this into.
And so I just noticed a few discrepancies with, you know, somebody might be calling.
They they're looking to get some EDR and they're going to put it in the monitoring,

(20:11):
detection, response category or vice versa.
So I don't put too much weight on that.
So I don't put too much weight on these categories, but I think in the broad brush
strokes, that's that's about right.
And regardless, it's good.
Like these are good numbers.
This is this is going to move the needle for a number six hundred and fourteen

(20:34):
districts. This is clearly going to move the needle for them.
Yeah. Yeah.
So I was going to say, I think it plays out even cool, a cool look with the percents.
When we think when we play back the track on raising the bar on your tech department
for most departments, it was we'll get the next gen firewall and then upping your

(20:54):
antivirus came later.
And now, OK, you got those two great things established.
So now you start thinking about identity protection and monitoring and detection
response. So it's also a nice little pulse check.
OK, schools are asking less about next gen firewall and less for endpoint protection.
You hope that means that's because those things are in place well across the nation

(21:15):
now. And so does that also mean or is that also because firewalls are covered under
E-Rate as well?
Yeah, sure, sure, sure.
That's it for the news this week.
Josh, you had something around SDPC you also wanted to add to the news section.
Yeah, let's let's hit let's let Chris hit the sponsor for this segment real quick.
For sure. So Rise Vision hanging out with us for a couple of episodes.

(21:37):
They do digital signage.
They can do screen sharing and emergency alerts as well.
So you can do all kinds of things with Rise Vision.
But in your school, you can think about TVs mounted in the hallways or in particular
key areas. They can deliver content and kind of what makes Rise Vision different than
just the old like, hey, just do a Google slideshow kind of thing.

(22:00):
They help you with the content.
It's pre-built content, joke of the day, lunch menu stuff put up there in advance.
And then it can work with your systems, your emergency response system.
So if your school goes on lockdown or fire, there can be things delivered to those
screens for you as well.
They have some cool screen sharing things, emergency alerts, interactive templates to

(22:24):
check out. So check out Rise Vision.
So I this afternoon, I had a day full of meetings in this afternoon.
One of my meetings was the SDPC consortium for the state of Missouri.
Our leadership call for the month.
And they said one of the trends that they are seeing or that actually TEC is seeing

(22:48):
is that providers, app providers, app companies, when they're signing DPAs now, they
are really pushing hard for limit of liability statements in the data privacy
agreement, meaning that they are trying to put a cap on the liability that could be

(23:09):
held by these companies if there was a breach at the company's fault.
And, you know, a number of these organizations, these data privacy agreement
organizations are saying absolutely do not sign the agreement if there is a limit of
liability. You need to understand what that means.
And in reality, the true cost of recovery from a breach like that, and they said this is

(23:35):
purely coming from the power school incident.
All these vendors are seeing what this what that incident is costing power school and
they are pumping the brakes and freaking out.
They want to put a cap on what their outlay of cash could be in the event that they had
an incident. The provider had the incident, not not the school, the app provider.

(23:57):
And to me, that's absolutely like if you have a vendor coming to you and say, buy my
product. Oh, by the way, if we have an incident, we're going to cap you at twenty
thousand dollars. That is a major freaking red flag to me.
So I find that is an interesting trend, guys.
Question for you on that, so are you the one for your district signing data privacy

(24:20):
agreements with vendors?
Yep. Are you authorized to sign an agreement that has deviated from your standard?
In other words. Oh, good question.
In other words. So a vendor comes back and says, oh, we're going to cap the liability at
twenty five thousand dollars.
Josh, IT director for school district X, Y, Z.

(24:40):
Are you authorized to even agree to that?
Because that feels like for me, something that only the superintendent or mayor of a town
could could agree to.
Or our attorney or school district attorney.
Yeah. And that's one of the reasons why we joined the TEC organization was because
that all of that negotiation takes place with them and their attorneys so that we don't

(25:03):
have to billable hours with our attorney and waste time on that side of things.
If it's a standard agreement.
Yeah, fine. No big deal.
But TEC historically has taken this stance.
Anything outside of the realm of normal, there are serious discussions that have to
take place. Interesting.
I'm not surprised.
I think this school breach from last year is going to be very expensive for for the

(25:25):
company. And I'm sure that many, many other companies are trying to figure out how to
limit their liability.
For me, it just comes back to who is authorized to make a decision like that within an
organization. And even though many of us in our positions are the ones signing these data
privacy agreements, I don't think any one of us is authorized or capable of making a

(25:46):
decision. I would not make a decision like that for my district and I wouldn't advise
anybody. Yeah.
Out of the norm like that.
Yeah. Because what what you've been authorized to sign is the standard agreement.
Right. And do you wonder if it had like trickle down?
So like so you sign the thing, I guess let's pick on PowerSchool.
PowerSchool says, hey, we're only going to give you 20 grand for this.

(26:06):
So then does your school attorney say, hey, so with our user agreements that we have
parents sign, let's add in some sentences that they can only do X, Y, Z.
You know, does it end up trickling down to the person that affects the most because that
that's typically how stuff like this works, you know?
Yeah, that's a weird conversation.

(26:26):
You know, you're you're enrolling your kid in public ed because, you know, free and
appropriate education. Right.
And then you try to enroll in a district saying, hey, by the way, if one of our
providers has a breach or we have a breach, you can't sue us.
You know, everybody feel good about that.
OK, sign this paper.
Yeah, that's a really weird that's a really weird place to be.

(26:49):
I don't get it.
Yeah. Yeah. Not to mention all the differences in state and local municipality
policies and regulations.
I mean, I know that would never fly in my district because our city just had very, very
tight rules and regulations around liabilities and indemnification clauses.
But, you know, the providers are the small these ag tech companies are going to go after

(27:12):
the small districts knowing that they may not have the same legal bench that that the
big guys do. So, yeah.
Well, and that's exactly why we saw providers or we continue to see providers more than
willing to kind of.
Come to an agreement with a privacy agreement with a big district because they know they
need that big district and the little districts, they're like, screw you, unless you

(27:34):
want this, unless if you really want this, this agreement signed that bad, you're going
to agree to our terms, not the other way around.
We see it every day.
Yeah. OK, tell us how you feel, Josh.
Oh, it's I was on this call and I it was two people from Mornet that we that we know

(27:55):
well, Chris, and like I was there was no it was no filter Josh time and they were they
were rolling. They were laughing.
Josh, I think we need a segment dedicated to just reading your random text messages to
us during the week.
OK, go ahead.
Yeah. And for the record, when you text and I don't answer.

(28:18):
It hurts. Oh, it's for various reasons.
Yeah. Either I don't see it.
And I suck it, just checkmark, say otherwise, or I see it and I just don't know what I
don't know what you need, like I don't know, I don't know if that's you like, is that
you just letting me know that you're alive?

(28:39):
Well, Chris, Chris, to your point, though, let's read message number one from yesterday.
This is at one or two p.m.
From Josh, the two of us.
I need a cigarette. Yeah.
And then what I don't.
Well, what do I say, Mark, what do you did you reply?
No, no, no, no.
I was hurt. So we looked at it and we read it.

(29:01):
Yeah. Yes.
Clearly you did. I think part of me is expecting Josh to like respond with follow up
like, yeah, something.
Here's what. But clearly you didn't care.
So why would I waste my time following up if you didn't?
Well, that was a cry for help.
That was a cry for help.
That was that was yesterday.
And then later on at seven forty five p.m.

(29:23):
was I need a damn vacation again.
We also left that one unread.
Yeah. And today I did reply to that.
He's going to stuff his face with pizza.
That's my dinner was getting home late and I wasn't sure if I was going to have to eat
during the pod. So I thought that was you stress eating.

(29:44):
No, no, no, no.
So maybe I can't read these text messages.
Well, I'm well, then there is then there is just before we started recording,
which is just a single gif from Josh, which is a child on a teeter totter alone.
And the caption says, I'm all alone because I was in the room here waiting for you

(30:06):
to knuckleheads.
And we just to be with you.
Yet we want you to know that we are here, we are there.
If you see a blue checkmark, that means we're with you, bro.
Yeah, I think I think what all this all this shows is I cry for help and you to leave me
unread. So no blue checkmark means our hearts are beating together.

(30:30):
OK, by the way, this next segment is going to be brought to you by Classlink.
I think we all know what Classlink is, but they can help you with your staff and student
access to apps and websites, rostering singles, single sign on and other automation

(30:50):
analytics and more.
If you're into that, check out Classlink at Classlink dot com.
So listener email, Chris, if people want to if people want to be like Lawrence, who sent
us this email, what email address should they email?
So we have like the laid back could get hacked K-12 Tech Talk at Gmail dot com.

(31:10):
But we also have info at K-12 Tech Talk podcast dot com.
And that's our professional paid for Google account info at K-12 Tech Talk podcast
dot com. Or you can post something on K-12 Tech Pro.
We pull from that, too. But either of those works.
If you want us to keep your identity anonymous, we will change your name.

(31:33):
If you want to pick your name, we'll use it.
You don't know if this is Lawrence's real name.
Like it's Lawrence's. I think he probably goes by Larry.
This might be his government name.
So Larry from Idaho sent us an email and he he's had a rough week.
He he said that I'm paraphrasing because this is a long, long story and it feels like

(31:57):
this. It's hard for Larry to tell a story and not be really long.
The guys are making fun of me.
So he emailed and said that starting over Christmas break, he noticed an uptick in
international login attempts from his student accounts.
And Tuesday of this week ended up calling down three students from the middle school

(32:19):
that were repeatedly logging.
Their accounts were repeatedly attempting to log in internationally during the school
day. And they have a rule in their district that students can't have cell phones.
So they he knew it shouldn't have been a cell phone.
Calls him in. He was thinking it was likely a VPN on a home device.
So had the conversation with the students.

(32:41):
The students were like, well, we'll go home tonight.
We'll look at our computers.
We'll see where that gets us.
So the next day he noticed that all of the all of these student councils, three student
accounts, none of them alerted international login for the for the next 24 hour period.
So he calls one of the students down to the principal's office Wednesday morning and

(33:04):
says, hey, so what changed?
And the student admits to re-imaging or as the student put it, factory resetting his
PC. And in during the conversation, Larry gets out of the student that the student
believed he was hacked over Christmas break because he installed an application.
And shortly thereafter, his two discord accounts, his one of his gaming accounts and

(33:29):
Steam account were all compromised.
And his school account was also disabled.
So, gentlemen, I think this.
Lens poses a question, and I think Larry has a really good point here.
You know, school districts, school districts focus on preparing students for life after

(33:54):
high school, for the real world, we want them college and career ready.
We we offer them college and IRC's industry recognized certifications to move on if they
want to enter the workforce right after high school.
At what point do we address and is it appropriate to address the thought process for

(34:15):
downloading applications that you don't know what they are?
And it ends up being a piece of an application that's loaded with malware and does a
credential harvest on save passwords on a machine.
Where is that conversation taking place?
Do you have thoughts on that?
I do have I mean, I have thoughts about I can't tell you how many times like kid gets to

(34:37):
a website that he shouldn't get to and there's no real discipline or anything because
well, they got to the website.
I might give up. They should have known to not have been doing those searches to begin
with. Those kinds of things come up often.
And you're like, you know, where where do we like it's it's in the user agreement and
it's in the handbook.

(34:57):
There's great sentences that talk about misuse and not sharing password or not manipulating
the technology that that that you're given.
But it's hard to get some follow through sometimes because, again, there's a learning
moment in there, too.
These are middle school, high school knuckleheads that aren't thinking through these
things at all. So I don't that's hard to just come out and say, well, because

(35:19):
again, what even what even is Larry wanting?
Is he wanting the kid to get kicked out?
Is that the punishment lesson?
Is it is it is it sit and watch this training course now?
Right. So what?
Yeah, I think all of us would struggle with defining what is appropriate and what is the
delivery method there.
I don't I don't think anybody agrees that a kid should be kicked out for something like

(35:41):
that because this took place on a personal device.
But I think there is an opportunity for a conversation around, you know, you don't just
download random executables or random installation files that are mentioned in a YouTube
video to get around, you know, to do a grand theft auto mod or a VPN to get around a
geo block and a VPN like that thought process of being safe online and being safe with

(36:08):
what you download.
You know, we we have to teach digital citizenship as part of our agreements with USAC
for e-rate money.
But but this type of stuff to me is not I don't I don't consider that digital
citizenship. I do I do think that we live in a conflicting world of if a VPN is good or

(36:33):
bad. I think kids these days have learned a lot about governments and to not trust the
entities of power and they watch a YouTube video and there's a VPN ad.
So because we push privacy so hard and we literally just talk through privacy and liability

(36:54):
and blah, blah, blah. Yeah.
So they think they're doing like an OK thing with the VPN, but then in K-12 tech land,
we're completely against that.
And it's like a I think it's a bouncing head against the wall kind of thing.
But I think the bigger conversation there is download.
You don't know what else is coming with that shady VPN.

(37:15):
You know, what other is there malware in it?
Is there you know, is it really logging your traffic and putting it on a VPN or just
somebody else's network?
Like, I don't know.
I think Larry's point is.
This could be delivered better or this could be a talk, a learning opportunity, but where

(37:37):
is that appropriate? What?
I don't know. Yeah, I think I think we education in general have a collective
responsibility to make sure that kids know the appropriate and safe ways to use the
Internet. Chris, here's a really good point that VPNs are both touted as being the safe
way to browse the Internet, but also they're used for malicious purposes.

(37:58):
I think that is the story of the Internet is that there is a lot of really good stuff on
the Internet. There's a lot of really bad stuff on the Internet.
And unfortunately, some of the bad stuff is being masked as good stuff.
And we just have to teach kids how to be alert.
But, you know, it's like touching a hot stove.
Kids are going to have challenges.
They're going to they're going to run into issues.

(38:19):
And we just need to make sure that those are learning moments and that we keep kids aware
and alert and understanding that if you get into trouble, you can go to an adult and
we're going to we're going to be OK with it.
We're going to talk you through it.
But, you know, it comes down to intent.
Was the the purpose of downloading the VPN to skirt around security that you have at

(38:41):
school or was it just meant to protect his privacy at home?
I don't I don't know the answer to that one, but I would say that's the first question I
would have for the kid. And the second one is just making sure that the student and
parent both know that there are risks associated with this one.
And you as the school IT director are going to do what you need to do to protect the
school network. But there is also things that they need to do, both parent and child, to

(39:06):
protect their home network and their home data and your limitations and at school
assets. Right.
So, OK, talk through that.
Does the school does Larry's school have a obligation to inform the parent that there
are there was a credential harvesting incident, event, whatever took place on student

(39:29):
X, Y, Z's personal computer?
Is there an obligation there to to inform that parent of that and the risks associated
with that? Are you saying do we have a legal obligation?
Do we have a moral obligation?
I would lean towards a moral obligation than a legal obligation.
I mean, I would say, you know, if you have a student who walks through a shady

(39:53):
neighborhood that that you know that they're not supposed to be there and they could
have gotten themselves hurt or in trouble, then, yeah, we would we would take that
opportunity to call mom and dad and say, hey, I saw him walking behind the YMCA.
I know that's where kids go and and do drugs.
Maybe he shouldn't be there kind of thing.
But that's hard.
Not everybody feels comfortable doing that.

(40:14):
Well, you don't have that parent teacher who called my parents and said, I saw your I
saw Mark behind the YMCA.
Oh, well, and I think the other part of that is you don't know how receptive the
parents going to be either.
Like it could be a mind your own business thing.
Or the dad's like, yeah, my boy uses that VPN.

(40:36):
I taught him. You know, I had that case.
We do the, you know, the Chromebook insurance stuff.
And we literally figured out that a dad was walking his son through how to basically do
insurance fraud with the school on because if you say it's an accident, you say you
dropped the screen, it's it's covered.
No, no claim.
But if you say that you got mad and punched the screen, you know, it's vandalism.

(40:59):
So they had the kid had told a story, got back to dad, and then dad called and said,
no, they they dropped it kind of kind of thing.
So, yeah, that whole environment, which, again, goes back to what you're circling
around to, like, how do we fix this and help kids make good decisions in life?
Whether your parent, the parent is helping with that good decision or not, I don't I

(41:20):
don't know. This is what teachers go through every single day.
You know, I I've got an issue in classroom.
I'm going to call mom, dad.
I really hope that they're on my side and that we're going to work together as a team
to fix this issue. But I can't control what happens outside of school.
The best thing I can do is alert the family that I'm concerned about this issue.
I had a really, really tough situation where I knew right away this is not an issue for

(41:45):
for the school to deal with with the student.
This is about making sure the parent understands the risks to them and making sure
that they have resources to get help if they need it, because we have kids who have
incredible technical skills well beyond what their parents can understand and and
respond to. And I I don't have the answer other than to say it's going to get harder

(42:08):
and harder as time goes on.
Yeah. Well, you could do the thing where you lock down the device like, hey, this
works on a school issue device.
You could you could do the hard thing like that to, I suppose, help parents understand
the resources they have on their own phone to lock down their kids device.
Right. But you can't force them to do that stuff.
No. Right. Right.
Right. Right. It's hard.

(42:30):
It's really hard. It's an interesting, you know, for if we really are preparing students
for life after high school, man, at some point they got to learn.
You just can't download every stinking thing from GitHub and run it like.
Well, it's it starts by making sure all the adults know that as well, we we struggle

(42:50):
with that every day with staff, so sure.
Yeah. You know, and that's a funny thing to kind of kind of chase in a rabbit with
this, but fishing simulation stuff, I'm all about it for my staff and then I get the
price for my students and I'm like, let's just skip that, you know, like we don't do
the same because it's a lot of money.
Right. We don't do the same training and investment.

(43:12):
We our school district does do these like at middle school.
It's at least once a quarter.
It's a special tech training.
And, you know, there's some safety stuff.
We're really big for one whole month.
We try to do some Internet safety things.
It's not like we don't do it.
But yeah, there's a lot of things that I even have pride in that I do with my faculty

(43:33):
and staff in regards to tech, you know, knowledge and wisdom and, you know,
wisdom and discernment that I completely skip because of price or even time investment.
Well, yeah, maybe that's the check of the thing.
Larry, check your heart, Larry.
Maybe you need to do more lessons.

(43:53):
We did fishing tests for our students and you know what we found?
Kids don't read email.
Well, that was before device bans, Mark.
It's true, true, true, true, true.
All right.
Chris, this next topic is a hot topic for you.
Yeah, so I want to talk about what do you look for in a candidate when interviewing?

(44:17):
So my department, we're in the midst of hiring.
I will not get into the weeds of questions I asked and how those questions went.
But one of the questions that I did pose was I asked
our candidates what makes a good technician?
And I wanted to know what their answers were.
And then, you know, it's one of those deals.

(44:37):
You're going to these interviews and you kind of answer those questions for yourself.
So I want to talk in particular about technician, like in the trenches,
on the field, I'm not talking about directors.
I'm not talking about network admin that never has to leave his chair.
I'm not talking about sysadmin.
I'm talking about technician in the classroom doing work, order tickets,

(44:59):
break, fix, what do we look for in a candidate like that when we're interviewing?
What's what's that person need to look like?
Help me, guys, help me.
Personality is what I come back to almost every hire that I've done.
Like the ability to have a conversation.
The ability to say, I don't know an answer, but I'll look it up.

(45:23):
But but, you know, we can teach a lot of the tech stuff.
We it's really hard to teach that customer service side of things,
that personality side of things that make that ability to create a connection
with the human, the other human that you're interfacing with.
That's that's what I've come back to on on the majority of my hires.

(45:46):
My question, I mean, to build off of what
Josh said, I had a little bit more practical approach to this, which was
would I send this person to the superintendent's office if she had a problem
with the computer and if the answer was yes, I'm like, this is a strong,
strong candidate that I'd feel comfortable saying this to the most
sensitive person in the district and handling,

(46:08):
you know, an urgent tech issue for somebody
who does not have a lot of time on their hands.
And, you know, if the candidate was a strong person for that kind of situation,
then they could handle anything in the district.
That was not a I have tough superintendents.
I'm just saying that that's a very high
pressure, high stress environment to be in and, you know, that if a person can

(46:29):
handle themselves with a superintendent, they can handle anybody.
Oh, I can remember being
a technician at a school district and getting sent to the superintendent's
office for a simple like whatever it was, you know, keyboard replacement or mouse
isn't working and.
The superintendent in any school district is typically very confident

(46:54):
and wants the problem fixed and not in like I'm not again, I'm not saying like
jerk way, blah, blah, blah.
But you just walk into the room and there's a different kind of feeling when
you're swapping out that mouse for the superintendent.
So, yeah, you want
a person that can do that just fine.
And I remember feeling like that weight,
because, of course, that might be the one time that the new keyboard doesn't work.

(47:16):
Just to say, you know, the problem is is
different just because that's the the way that's going to unfold.
When you sit in that really nice office chair and you're like, hey, this is how
this is real nice.
I think, you know, my wife was a teacher in my district.
I think my team was all about who to send to her school whenever there was an issue.

(47:39):
So they probably took the same approach
with my wife because they knew that I was getting a debrief at the end of the night.
Hey, I'm going to tell you, I'm going to say this and I'm going to act like I'm
joking, but then we're going to see if
if Drew shout out, listener, Drew,
K-12 Tech Pro listener, Drew, neighboring school district, Drew.

(48:01):
So my wife, Stephanie, Drew, if you're listening, I'm never I'm never going to
tell Drew that I said this and then we're going to see if it rings it up.
So Stephanie, school nurse over at Drew's school district.
I always wonder if Drew thinks, knows
that Stephanie tells me like everything that he's doing, you know, like,
you know, my computer was doing this and Drew only did this or Drew did this.

(48:25):
I always want to fix the problem is what she was.
I always wondered, does Drew fix Stephanie's issues with Chris in mind
and how, you know, how it plays out with with that dynamic of a thing?
I'll tell you what I was judgment that is there.
Drew, if you're listening, here's what you need to do.
Don't worry about fixing any issues for
Stephanie because she's got Chris to fix all of her issues that she's got.

(48:48):
That's yeah, one less person that you need to support your district.
Chris, yeah, whatever.
Whatever.
All right, going back to my technician.
So we need some good customer support.
I love the line you said, Mark, about is
this a person that you would feel comfortable sitting to the admin
building like that? It's it's really nice.

(49:09):
I guess the poke at a little bit of
technicians I've had in the past that I know hit really well.
The one that the one that I just
lost because he went on to do greater things.
He came in with the teacher in mind
like he cared about when that teacher's
planning period may be like the best opportunity in the day to fix the smart

(49:33):
board, and he he just gave that little bit of extra.
That person is a person that has a job to do.
So I'm going to work around them a little bit.
When I'm honestly, I was more wired to like you got a problem.
We're going to fix it. We're going to do it whenever we want.
But to be relational with that teacher,

(49:54):
I mean, that's a really big deal.
And that, yeah, that hits really well.
It's good public relations.
So you're saying if the if the smart board was dead, he would make them wait
until their plan period before he would come over.
He would he would reach out to see what they wanted.
If they wanted urgency, he would deliver.
If they're like, hey, I got this thing
going on with these centers, I'm doing whatever.

(50:16):
Can you come in a couple hours?
He would plot his day based upon what would work well for the tickets in the queue
and the people that had to put in those tickets.
It was really nice.
I really like to for me is going back to that kind of after customer service is
triaging your ability not necessarily to solve the problem, but to at least go

(50:39):
through a checklist of steps to identify the problem, identify what it's not,
and then know when to reach out for more help.
I think, Josh, you said earlier in this conversation, it's not necessarily about
what technical expertise and knowledge you bring to the table, but your ability
to triage and troubleshoot, that's what I look for in a candidate.

(50:59):
Well, and
knowing when to say I need help like
no one knows everything.
You've got to lean on the people around you to be successful.
Yeah, yeah.
Well, isn't that is it Google that's got the like notoriously difficult interview

(51:20):
questions and the question they can ask you a question that can't be solved.
And their whole point is not to see if you
can solve this ridiculously hard problem, but what your mindset would be going
through that, like it's the same idea.
If you were a tree, what kind of tree would you be?
Mm.
That's a great interview question.

(51:40):
Let's think about it. I didn't ask that one.
Should I have asked that one? Yeah.
And the right answer is maple.
Yes, very hardwood.
So you guys lean towards customer service
and being a human.
Over technical.
Yeah, yes.

(52:03):
OK, especially for that for that frontline support role.
Absolutely.
I can teach somebody the technical skills.
I can't teach you to be a better person.
Period. Agree, agree.
Well, thanks, guys.
Make sure you get the right person.
Also, if that person drops a hint that they listen to your podcast,

(52:26):
that's like two thumbs up, right?
At least two extra points in the rubric.
OK.
Rubric.
All right, Chris, where are we going to be?
We're like all over the place.
So
when I say a special shout out to NTP and Lightspeed and Fortinet
for being sponsors with us, they're going to be with us all this year as we get back

(52:50):
into our groove, but they're also helping us go on the road.
And you listeners are helping us get on the road just the same.
So coming up, it's a virtual deal.
But in January 27th and 28th,
we're doing the virtual conference with Secure Ed Schools.
We'll be there for a session or two.
Mark, you're headed to Colorado in February.

(53:10):
That's right. The Calais Conference in February.
So check out Mark if you're in the Colorado area.
You don't have to be just Colorado.
You can come in from afar.
And then we have K-12 VI coming up in Albuquerque.
That's February 24th through 26th and more dates beyond that.
But again, thanks to our sponsors.

(53:30):
Thanks to you all that have listened to us in the past and listening to us now.
We like to get out and be seen
because we have voices and we have we have faces.
Like we're pretty good looking.
And with that, Mark, with that new lotion,
I have heard that Mark has been practicing

(53:50):
several John Denver songs for his trip to Colorado.
So if there is a karaoke night,
Mark will sing
Country Roads and Rocky Mountain High.
And he will now give us a little taste.

(54:12):
Sorry, my mic was off.
Oh, I your your inflection in your face was just perfect.
Can't wait.
Oh, OK, guys.
Well, first week of the twenty twenty six down the drain.
I guess we'll see you next week.
Thanks for listening. Share us with your friends.
Share us with your meeting groups.

(54:32):
We really appreciate all the shares and the continued increase.
Oh, twenty twenty five was a record year for us for download.
So again, we appreciate the shares.
Keep it up. We'll see you next week.
See you.
We might not be the same.

(54:55):
You share the same pain that I do.
The views and opinions expressed in the K-12 Tech Talk podcast are the personal
opinions of Josh, Chris and Mark and do not represent the views or opinions
of our sponsors or other organizations that we're affiliated with.
The material information presented here is
for general information and entertainment purposes only.
Thanks for listening and we'll see you next week.

(55:15):
We were buying words about the phrase of the day
and selling songs just to stay in the queue.

All Episodes

Episode 245 - New Year, New Cyber Attacks

Episode Transcript

Popular Podcasts

Hey Jonas!

Stuff You Should Know

Dateline NBC

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;}Episode 245 - New Year, New Cyber Attacks