Colin Greenland | Beware of security dangers of online learning
According to UNESCO, the COVID-19 pandemic has resulted in schools being shut all across the world, and Jamaica is included in the over 1.2 billion children in 186 countries globally that are out of the classroom. Understandably, education has changed dramatically, with the distinctive rise of e-learning, whereby teaching is undertaken remotely and on digital platforms.
Whereas Nelson Mandela’s famous quote, “Education is the most powerful weapon which you can use to change the world,” continues to be true, Donna Abernathy has astutely added, “Online learning is not the next big thing, it is the now big thing.”
Here in Jamaica, there has been much debate on the pros and cons, challenges, and even opportunities arising from online learning. This online learning experience, however, will force the island’s population, especially the future citizens – our children – to be more sensitised and better prepared for a world of increasing electronic realities. Once they join the working population, they will be a part of the digital platforms, for example, that 90 per cent of corporations now use e-learning compared to just four per cent in 1995 (according to KPMG, LinkedIn); 68 per cent of employees prefer when learning takes place at the workplace (according to LinkedIn); by 2022, the global e-learning industry is projected to surpass $243 billion (according to Statista); and by 2026, the global e-learning industry is projected to reach $336.98 billion (according to Research & Markets).
Not enough debate however, has been generated on the security susceptibilities and vulnerabilities on online learning, which depends on the Internet for its execution. The innumerable risks, illegal activities, attacks, and security threats occurring daily via the Internet leave every element in an online learning environment prone to not only the inherent security risks such as identity theft, but other forms of dangers specific to e-learning. These may include unauthorised modification and/or destruction of educational assets, loss of confidentiality and availability, the exposure of critical data, vandalism of public-information services, and other threats too numerous to expound here.
The International Review of Research in Open And Distance Learning (IRRODL) has identified some typical security risks and protection measures in online learning, shown in the table below:
• ARP cache poisoning and MITM attack
• Brute force attack
• Cross-Site Request Forgery
• Cross Site Scripting
• Denial of Service
• IP spoofing
• SQL Injection
• Session Hijacking
• Session Prediction
• Stack-smashing attacks
• Installing firewalls and antivirus software
• Implementing Security Management (ISM)
• Improving authentication, authorisation, confidentiality, and accountability
• Using digital right management and cryptography
• Training security professionals
It is important to note that the threats can originate from both outside (hackers, etc) and insiders (IT personnel, teachers, even students themselves), so the security systems should seek to be robust, comprehensive, and ongoing.
The Ministry of Education, in collaboration with the United Nations Children’s Fund (UNICEF), through its National College for Educational Leadership, should be commended for launching a Virtual Instructional Leadership programme earlier this year in June. It is hoped that this initiative and other components of the nation’s online learning journey will include security-protection mechanisms in their curriculum and operations since every element in an online learning system can be a potential target of hacking or attacks.
With regard to Jamaica’s experience in online learning, we would be wise to concur with the philosophy of the legendary Anglo-Irish author, orator, statesman, political theorist, and philosopher Edmund Burke, who opined:
“Better to be despised for too anxious apprehensions than ruined by too confident a security.”
Collin Greenland is a forensic consultant. Send feedback to email@example.com