K-12 Schools Face an Increased Danger of Cyber Attacks
There have been thousands of cyber attacks against K-12 schools in the past few years, and the rate of attacks is only accelerating. 2020 and 2021 were particularly bad years for such incidents.
According to a report from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), the K–12 education segment of the economy became a prime target for ransomware in the 2020-21 school year. During that time, 57 percent of all reported ransomware attacks targeted K–12 institutions, a 28 percent increase over the previous year.
Why Are There So Many Cyber Attacks Against Schools?
Why are schools being targeted? There are several converging factors:
- The rise of remote learning during the pandemic increased the number of devices and users, expanding the available attack surface. Those numbers have not decreased to pre-pandemic levels.
- Student and staff users are often not trained to recognize the signs of a cyber threat, making them vulnerable to phishing and other schemes.
- Cybercriminals are becoming more sophisticated. Instead of relying on malware, many attacks are directed by a specific adversary who studies targets and finds vulnerabilities.
- School districts possess sensitive personal information that is a tempting target and often inadequately protected. Nearly 40 percent of attacks against schools involved data breaches. In addition, attackers often threaten to release such sensitive information if ransoms aren’t paid.
- The rise of ransomware has made cyber attacks against schools more lucrative as adversaries leverage techniques previously used on businesses and government agencies.
- School districts provide vital services and cannot afford disruptions. For example, Athens school district in Texas paid $50,000 when an attack shut down the system and delayed the 2021 start of school.
- A severe shortage of IT professionals leaves many schools vulnerable. Only one in five districts has dedicated cybersecurity professionals.
Cybersecurity Hazards for Large School Districts
Which districts are most vulnerable? Perhaps counterintuitively, large and higher-income school districts are most often targeted. They generally have greater access to technology and are more likely to rely on technology for instruction and communication.
Furthermore, larger school districts have more students and employees using that technology, and large schools in urban areas are more likely to be recognized by attackers. On the other hand, smaller student enrollment means that some districts offer a reduced threat profile to attackers and few opportunities to be affected by user mistakes.
Cybersecurity Assistance for Schools
Fortunately, help is on the way for educational institutions. Following the K-12 Cybersecurity Act of 2021, CISA is studying the cybersecurity problems of K-12 schools and will issue recommendations.
The CARES Act has funding available for K-12 cybersecurity projects through September 2022. In addition, a bill in Congress would allocate funding specifically for K-12 cybersecurity assistance, and the Consortium for School Network is leading other organizations in petitioning the Federal Communications Commission (FCC) to allow funds from the E-Rate program to be used for educational cybersecurity.