11/20/2009 | PATRICK WALSH
For research assignments, the web has eclipsed the library as the most convenient source of information, but while the school library is a safe place, the Internet is not. Even well-known and widely used research sites pose a risk to children. Wikipedia, for example, is one of the most popular destinations for homework research, but most parents and teachers are completely unaware of the extensive amount of adult content — complete with pictures — on every topic from the birds and the bees to BDSM. Though Wikipedia is frequented by children, these pages do not have interstitial warning pages and many have seemingly innocent topics like RealDoll (a sex doll) that a child could easily stumble upon.
Good Comes with Bad and Ugly
Forty-two percent of children between 10 and 17 have seen online pornography in a recent 12-month span. Sixty-six percent of those children did not want to view the images, but stumbled upon them accidently, according to Wolak, Janis, et al,“Unwanted and Wanted Exposure to Online Pornography in a National Sample of Youth Internet Users.”But pornography is only one of the web’s dangers.
The web is being used by criminals to steal identities and money, and to infect computers with malicious software used to propagate spam, steal login credentials and drain bank accounts. Children are prime candidates for identity theft because their credit histories are clean and it’s unlikely anyone will notice their identity’s been stolen until they are older.
Several years ago the primary vector for the spread of malicious software (called malware) was e-mail, but today that’s shifted to the web. This is not just limited to web back alleys and obscure sites either. According to Websense, in the second half of 2008, 70 percent of the 100 most popular sites on the web hosted malicious content or automatically redirected visitors to sites that did.
Individual workstations of students and teachers are far less protected than the public-facing machines managed by computer professionals. The web browser acts as a gateway between the Internet and nearly every application from Microsoft Word to Adobe Acrobat. Websites can cause files to download, which can trigger plugins (like the PDF or the Flash plugin) or external applications (like Word or Outlook) to load. If even one of these applications is not completely up-to-date, the machine is almost certainly vulnerable to an attack.
In the last several months, there have been numerous Flash, PDF and Micro-soft Office vulnerabilities that have been actively exploited to load malicious software on computers and then spy on users, steal credit cards, relay spam and more.
The simplest and possibly the most common way to infect a computer is simply to trick the user with a modern day Trojan horse. Sending an online postcard via email and signing it,“A SecretAdmirer,”is a surefire way for hackers to get someone to visit a malicious website. The website might then prompt the user to install some software in order to view the full message and within minutes the local anti-virus software is disabled, the firewall is bypassed and a hacker adds another notch to their belt.
Solution: A Layered Approach
Properly protecting a school from the underbelly of the web is possible, but requires multiple technologies starting with secure web filtering. A secure web filter is a product that labels all parts of a website so that objectionable content on sites like Wikipedia is blocked while the valuable and non-objectionable content is allowed. A secure web filter also frequently scans (and rescans) sites for threats such as social engineering tricks. These products also have real-time threat information updates to stay a step ahead of hackers. Products that update once per day cannot stop malicious sites effectively. Also, coverage must be effective so that un-scanned and uncategorized sites can be blocked without any detriment to the end-user’s experience.
In addition to secure web filtering, network administrators should make sure that every computer on the network — even visiting laptops — are kept up-to-date with the latest versions of all installed software, including anti-virus software. The administrator should also restrict both inbound and outbound connections at the firewall so that un-scanned non-web traffic cannot pass. This effectively stops the risk posed by peer-to-peer file sharing programs and other risky software.
In short, parents, teachers and administrators should continue to embrace the value of the web while deliberately protecting students and themselves from the unpleasant realities of it today as well.