Beyond the Churn: Chromebook Cyber Threats
Google is reportedly working on solutions to extend expiry dates and provide repair parts. Despite recent issues and bad press, it’s likely Chromebooks will remain a popular choice in schools. And that warrants a closer look at the day-to-day cyber threats associated with Chromebooks.
Malicious Browser Extensions
Technically, Chromebooks are pretty good at fending off viruses. However, malicious extensions are a growing problem. So much so that in June of 2023, Google removed 32 malicious extensions with 75 million installs from the Chrome Web Store. The ChromeOS is built around the Chrome browser—a browser that comes with all kinds of extensions to improve productivity. They’re easy to install and seem harmless, but poorly designed or intentionally malicious extensions can cause serious security problems. Bad extensions can synch to the Chrome browser on a Windows or Mac machine, making it challenging to solve the problem. If the extension isn’t removed from the Windows/Mac machine, it will keep resynching with the Chromebook causing a world of frustration. As with any computer having an up-to-date anti-virus solution is critical. There are many that work very well with Chromebooks.
Scam Android Apps
Newer Chromebooks support Android apps downloaded from the Google Play Store. Unfortunately, many of these apps, often advertised on social media, are fake or malicious. Some scams charge customers for apps that don’t work while others con users into subscribing to premium services they don’t need. Third-party app stores are particularly risky, although malicious apps are often found in Google Play.
To use a Chromebook, you need a Google account and that means Gmail and a direct line to students opening email. Scammers use email to trick users into visiting fraudulent websites where they’re asked for money or personal information. This is called phishing. Of course, phishing happens on all platforms, but parents should understand that Chromebook’s robust anti-virus features can’t protect kids from phishing and the potential fallout.
Access to Insecure/Dangerous Websites
Ideally, schools should disable Incognito Mode for browsing and ensure that Safe Search and open browser history are the default. Administrators can also enforce Restricted Mode for websites like YouTube. The problem is that most districts do not have dedicated network security personnel. In 2021, The Consortium for School Networking (CoSN) reported that 77% of districts surveyed did not have a full-time IT employee managing school networks. If the network is open, kids will explore.
Any device can be a tool for cyber bullies. When a school provides a device to every child, the opportunities for cyber bullying increases. And because many students bring their laptops home, bullying can happen after school hours and outside the school network. Talk to your kids about cyberbullying and take measures to protect them.