The Insider Threat to Schools

High schools, for the most part, are insecure by nature, especially against an insider threat. If a student really wanted to hack a school’s network, they would find it relatively easy to do so. Most schools have desktops that the students use, and these would be the first place an attacker would look.

Students are normally given a basic user account with restricted permissions. A student would look to see what could be accessed at their current user level and how they could escalate to a higher level. A critical flaw that most schools have, and can’t really avoid, is the number of active Ethernet ports around the building. There are normally a lot of them so that any device that needs internet access can easily be connected. These ports are an attacker’s pot of gold, the ultimate way in to any network: they give access to the school’s wired network rather than just the WiFi, and with it all the desktops, all the printers, all the phones, everything.

The easiest way for a student to attack a school’s network is to bring their own device from home and simply plug it into one of these ports. Once they do this, they can perform an almost unlimited number of attacks. They now have a computer with no monitoring software and no blocked privileges, and with Kali Linux installed on the laptop they have almost any tool at their disposal. Most classes are 45 minutes to an hour and a half long, which gives a student plenty of time to stay in one spot, plugged into the network, doing basic reconnaissance and attacks.

Normally in a corporate setting this wouldn’t be the end of the world, but for schools it can be a different story. Schools are normally very weak in the IT department, so they don’t have the proper monitoring to detect malicious activity on the network. The attacker would start with basic network scanning, seeing what devices they have access to and what ports are open on those devices. Besides computers and servers, IoT devices are also common on school networks; these are normally very easy to hack because they are overlooked and not secured.
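One way to check for the activity described above (a personal device on a wired port, followed by network scanning), using DHCP lease logs and flow records. This is an added example, not part of the original article: it flags leases whose MAC address is missing from an asset inventory and sources that contact many distinct host/port pairs in a short window. The log layouts, addresses, inventory and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Assumption: inventory of school-managed MAC addresses (constructed values).
MANAGED_MACS = {"00:11:22:aa:bb:01", "00:11:22:aa:bb:02"}
EPOCH = datetime(1970, 1, 1)

# Constructed DHCP lease log: timestamp, MAC, leased IP, client hostname.
DHCP_LOG = """\
2024-03-04T09:01:12 00:11:22:AA:BB:01 10.20.1.15 LAB-PC-01
2024-03-04T09:02:40 00:11:22:aa:bb:02 10.20.1.16 LAB-PC-02
2024-03-04T09:05:03 02:00:5e:10:00:99 10.20.1.77 unknown-laptop
"""

# Constructed flow records (timestamp, src, dst, dst_port): one desktop with
# ordinary traffic, one host touching 40 addresses on one port within a minute.
FLOWS = [("2024-03-04T09:06:00", "10.20.1.15", "10.20.0.5", 443),
         ("2024-03-04T09:06:30", "10.20.1.15", "10.20.0.6", 53)]
FLOWS += [(f"2024-03-04T09:07:{i:02d}", "10.20.1.77", f"10.20.1.{i + 1}", 445)
          for i in range(40)]

def parse_leases(log):
    """Return (mac, ip, hostname) per well-formed lease line, MAC lower-cased."""
    rows = (line.split() for line in log.splitlines())
    return [(r[1].lower(), r[2], r[3]) for r in rows if len(r) == 4]

def unmanaged_devices(leases, managed):
    """Leases whose MAC is not in the inventory (a device brought from home)."""
    return [lease for lease in leases if lease[0] not in managed]

def scan_suspects(flows, window_s=300, threshold=25):
    """Sources reaching >= threshold distinct (dst, port) pairs in one window."""
    targets = defaultdict(set)
    for ts, src, dst, port in flows:
        bucket = int((datetime.fromisoformat(ts) - EPOCH).total_seconds()) // window_s
        targets[(src, bucket)].add((dst, port))
    return sorted({src for (src, _), seen in targets.items() if len(seen) >= threshold})

def triage(log, flows, managed):
    """Correlate both signals: unmanaged devices, marked if they look like scanners."""
    scanners = set(scan_suspects(flows))
    return [(mac, ip, host, ip in scanners)
            for mac, ip, host in unmanaged_devices(parse_leases(log), managed)]

if __name__ == "__main__":
    for mac, ip, host, scanning in triage(DHCP_LOG, FLOWS, MANAGED_MACS):
        print(f"unmanaged device {mac} at {ip} ({host}); scan-like traffic: {scanning}")
```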

After initial reconnaissance, the attacker would then go after Active Directory and the Domain Controller. If they go after Active Directory, they could get all the passwords for the accounts relatively easily. If the attacker gets to the Domain Controller, then at that point they would have complete access to all the accounts for that school: students, teachers, staff, even administrators. With this the attacker could view or destroy personal files, lock people out of their accounts, and ultimately bring down the entire network, leaving the whole school without internet.

The main reason schools are vulnerable to attacks is that the IT staff are incredibly outnumbered: normally 1-4 staff monitor and fix the endpoints of hundreds of students and staff. Not only are they understaffed, they are under-budgeted as well, so they cannot get the proper equipment to monitor the network and keep it safe.

The introduction of 3rd-party solutions also makes the response to incidents inefficient and effectively leaves the network a sitting duck for attacks, with no quick way to recover. With the resources IT departments normally have, they simply can’t keep tabs on all the students’ activities and make sure that the network is safe.

