September is the New New Year: Cyber-Readiness for Back-to-School

Whether you’re starting fresh with new notebooks and planners, or just trying to remember your teaching schedule, the season of sharpened pencils and late-night study and grading sessions is officially here. And while you’re picking out a laptop sleeve that matches your vibe, hackers are sharpening their own pencils (see what we did there?) and looking for ways to get into school networks. In fact, ransomware attacks against schools, colleges and universities rose 23% year-over-year in the first half of 2025.

And it’s not just students they’re after. Professors, researchers, admin staff… Anyone online is fair game. With AI making scams more convincing than ever, campuses are basically giant neon signs for cybercriminals. 

So what does this look like?

• AI-powered phishing emails that sound just like your professor asking you to “click here real quick.”
• Password guessing based on common school email formats.
• Third-party vendor hacks that slip in through cloud services, research partners, and software providers.

The bottom line: being cyber-smart isn’t just IT’s job, it’s on all of us. Think of cyber-prep like the extra cup of coffee you need to survive an 8 a.m. class. Small habits make a big difference:

• Don’t click on shady links, even if they look like they came from the financial aid office.
• Use passwords long enough to make a hacker cry.
• Add multifactor authentication like you’d add a second lock to your apartment door.
• Keep your devices updated instead of hitting “Remind me later”.
• Back up your files before finals week becomes a horror story.
• Lock your laptop when you step away, and clean up your digital footprint, your future you will thank you.

And since this is 2025, we have to mention AI. Sure, it’s tempting to let the robot outline your essay, but don’t let it think for you; at the end of the day, college is about building your own skills, isn’t it? Also never, ever feed sensitive data into an AI tool, it’s not as private as you think.

Here is your 10-item cyber-readiness checklist:

1. Guard your school email. Your .edu account isn’t just for discounts, it’s the key to grades, financial aid, and personal info. Double-check suspicious emails, and never click on weird links or attachments.
2. Power up your passwords. Each one should be long, unique, and hard to guess. Use a password manager to make life easier.
3. Turn on MFA. Multifactor authentication is like putting a deadbolt on your door. Even if your password leaks, hackers won’t get far.
4. Watch out beyond email. Scams now come by text, DM, or even fake job postings. If someone’s pushing urgency, money, or QR codes, pause and verify.
5. Update, update, update. Automatic updates = patched security holes.
6. Back up your files. Between spills, crashes, and theft, things happen. Use cloud storage (Google Drive, OneDrive, iCloud) and an external hard drive for extra peace of mind.
7. Lock your devices. Even a bathroom break is long enough for someone to snoop. PINs, biometrics, and “Find My Device” are your friends.
8. Tidy your digital footprint. Review privacy settings, delete old accounts, and share wisely.
9. Know your resources. At UMD, contact IT at spam@umd.edu if you suspect a phishing attempt. Asking for help is smart.
10. Be wise with AI. Helpful tool? Yes. Essay ghostwriter? No. Sensitive info vault? Definitely not.

September is basically the new New Year, so, set your intentions, stock up on snacks and coffee, and make cyber-readiness part of your routine. It might not be as fun as picking out a new backpack, but trust me, it’ll make the year a whole lot smoother.

Happy New [school] Year!