Abstract

A Trojan horse is concealed from you and triggered when you launch your favourite computer application, like an email greeting card. School districts are especially susceptible. Unlike malicious Trojan horses, however, lawful Trojans are used under strict regulations, oversight, and judicial approval. Law enforcement, a government agency, or an authorized entity will deliberately deploy a lawful Trojan horse to conduct surveillance or gather information from specific targets within legal frameworks. The United States has developed a thorough legal framework to tackle cyberattacks, including federal statutes, executive directives, and regulatory measures. The U.S. has categorized school cyberattacks into five major types: data breach, ransomware, email compromise, distributed denial of service (DDoS), and invasion attacks. Several countries in Europe have recommended that law enforcement agencies learn to hack into computers and mobile devices to access their data. But what type of training is required: prevention or retaliation? Who requires this training?