‘Insane’ glitch in education software gives predators easy access to schoolkids, cyber safety expert warns
- A cyber security expert has warned education institutions of potential dangers
- The eSafety Commissioner has pinpointed a glitch in the Google Education Suite
- The glitch could allow for predators to take advantage of simply student emails
- Loophole allows potential for predators to contact students on their emails
A cyber security expert has warned education departments of a glitch in their software which could allow predators to gain access to schoolchildren.
Julie Inman Grant, eSafety Commissioner, drafted a letter for every state and federal education minister in Australia to warn them of the risks associated with the Google Education Suite software, The Daily Telegraph reported.
Her main concerns centre around the simplicity of email addresses given out to NSW students to access the program.
Those emails consist of the student’s first and last name, and every student in NSW has access to the software.
eSafety Commissioner Julie Inman Grant drafted a letter for every state and federal education minister in Australia to warn them of the risks associated with the Google Education Suite software (stock image)
Mrs Grant said the loophole could allow easy deciphering of a student’s email for a predator who could then validate that email using Google Hangouts and then make contact with the student.
‘We understand the email naming conventions used by some state and independent schools may be easy to guess and validate, if account privacy and security settings are inadequate,’ she told the publication.
Mrs Grant said all education institutions needed to do their ‘due diligence’ to ensure this wasn’t the case.
Her concerns were reinforced by Australian Students Privacy Coalition’s spokesman Michael Uren who said it was an ‘insane’ oversight.
Strangers would be able to contact students through email or by sharing a Google Doc with them even if the access to the software for that email has been blocked.
‘If not locked down, Google’s Suite for Education allows a 40-year-old paedophile, maybe pretending to be a 10-year-old, to share joint-editable docs with your child,’ Mr Uren said.
Federal Education Minister Dan Tehan said the state government is aware of the potential risks and told the publication they were working towards a solution.
‘When the issue was raised with me, I had my department write to every state and territory education authority expressing my concern and asking them to act,’ she said.
Mrs Grant (pictured) said the loophole could allow easy deciphering of a student’s email for a predator who could then validate that email from a remote location and make contact with the student
The news comes only months after Mrs Grant announced a new project to help protect children online.
In June Mrs Grant released announced the office had joined a global project combating online child abuse with AI, Project Arachnid.
‘Through this work, the Cyber Report team will make a significant impact in restricting the availability of child sexual abuse material to those who are seeking and distributing it,’ she said.
‘We have an important role to play here in Australia, but ultimately, this is a global problem requiring a global solution, and we’re proud to be partnering with likeminded agencies around the world to fight this scourge.’
Analysts will help classify images detected by the Arachnid crawler, contributing to the comprehensive central database of child sexual abuse material ‘hashes’, or digital fingerprints.
Cyber Report will also gain access to the Arachnid Hash List of known child sexual abuse material, reducing investigators’ exposure to harmful content and improving the welfare of staff.
Australian Students Privacy Coalition’s spokesman Michael Uren said if not locked down, Google’s Suite for Education could allow a 40-year-old paedophile to share joint-editable docs with a child (stock image)