Analyzing the Recent Surge in Cyberattacks on School Districts

Cybercrime is on the rise globally, with more sophisticated tools available to attack vulnerable IT systems. Since the start of the COVID-19 pandemic, numerous school districts have experienced these attacks, which increased by 20% in 2020 compared to the previous year. A cybercrime attack like ransomware can cripple an organization and paralyze learning in a school. Without updated cybersecurity systems and cyber liability coverage, it could be difficult for impacted schools to recover from resultant losses in a timely and efficient manner.

Pandemic restrictions have forced many districts to rely more on virtual learning technology. Unfortunately, by making the digital switch, they’ve potentially become an easier target for hacking. In some cases, they may have suffered learning disruptions as a result, and sometimes their e-learning resources have even been shut down for a period of time.

Breach or seizure of e-learning systems in some districts has had devastating effects such as:

• Deletion of student information, hindering remote learning
• Theft of students’ and staff’s personal/private information, leading to credit or identity fraud
• Unwanted disclosure of personal information online

Cybercriminals illegally access the systems before encrypting the data to make digital student information or e-learning resources unavailable to learners and teachers. Affected school districts are then asked to pay a specified ransom fee to regain control of their network. In most instances, the illegal IT system seizures come with the threat of exposure of student information online unless the ransom demand is met.

Such attacks (ransomware) comprise about 12% of the cyber incidents impacting K-12 schools. Data breaches and leaks constitute almost 40% of the attacks. Criminals have also employed other tactics like denial-of-access, which usually accompany ransomware infringements. These forms of IT system breaches are behind the recent wave of remote learning disruptions in some districts.

Unfortunately for learners, not all impacted school systems can meet the hackers’ ransom demands. The consequences can be detrimental, as was the case in Fort Lauderdale, Florida, when the Broward County School District experienced a ransomware attack. Attackers demanded $40 million, but authorities declined to pay. In retaliation, the hackers published about 26,000 files they had stolen from the district’s IT system.

Besides the rapid adoption of technology in learning, other factors have contributed to the recent escalation of cyber breaches in schools. For starters, many districts incorporated virtual systems without adequate cyber security in place. In addition to adding new technology and systems, a majority of these districts were understaffed in the cyber security department.

Due to a lack of funds, other school systems still use outdated technologies. Most of their students and employees may also not know what to do to abate these cyber threats.

The fact that cybercriminals are increasingly employing advanced hacking techniques complicates matters for the people in charge of building school network defenses. Often, remote students and educators have easily fallen for phishing scams after receiving spoofed email messages. It’s high time that school districts and local governments got better at thwarting cyber attacks.

Some viable remedies that these authorities can adopt to improve the security of their IT systems include:

• Having a risk assessment performed for cyber security controls
• Formulation of adequate cybersecurity protocols (and enforcing full compliance)
• Stronger password policies
• Cybersecurity education for all stakeholders, including educators and learners
• Cybersecurity insurance to pay for data breach-related losses, including ransom payments and identify theft/fraud
• Hiring cybersecurity personnel to help build stronger network defenses