Hackers Targeting School Districts

If the pandemic hasn’t tortured educators and students enough, cyber attackers are doing their best to terrorize school administrators across the country. Hackers have been studying weaknesses in K-12 IT infrastructures, threatening to release highly sensitive financial and personal information on the dark web if districts don’t pay hefty ransoms. Security experts estimate nearly 5,000 school districts have fallen victim to attacks since early 2020. 

Why have schools become such rich targets? Because they are a goldmine of sensitive data. Lots and lots of data. From student and staff information to infrastructure details such as budgets, banking and keyless door locks. Add to that the widespread distribution of digital devices for students and the set-up of WiFi hotspots for access to online learning, and you’ve got the potential for a huge network breach. 

Virtual learning forced districts to pivot to less secure IT practices—prioritizing connectivity for students over online safety—and hackers have been doing their homework. Sophisticated phishing schemes require only a single employee to mistakenly click on a false link, providing scammers access to a trove of private information. This data is then held hostage until a district pays off the cyber criminal or else financial and personal details are sold to identity thieves. 

The Broward County School District in South Florida had 26,000 stolen files released after the district negotiated a $40 million ransom demand down to a $10 million pay out. Cyber security is a complex industry and demands constant vigilance. It is also an expensive safeguard many districts simply can’t afford. Bad actors realize rural districts are especially vulnerable and have mercilessly targeted these areas. 

Well-funded districts can and should invest in assistance from firms like K-12 Security Information Exchange, a leading expert in education industry cybersecurity. Schools with smaller budgets can implement low-cost measures starting with a risk assessment. Understand how sensitive data is stored, make employees change passwords often, and conduct training with teachers and administrators that informs them about the myriad of ways hackers attack. 

Bear in mind, however, that cybersecurity experts say a district can put in place every recommended safeguard and still get hacked. Safety measures and firewalls aren’t foolproof, but they make schools less of a target. Directors of technology need to have an action plan in place. 

Fortunately policymakers are recognizing the need for increased legislation and funding, which includes president Joe Biden signing the K-12 Cybersecurity Act of 2021. This calls for the federal Cybersecurity and Infrastructure Security Agency to study and distribute steps that school districts can put in place to protect themselves.

~Tiffany Thompson

Further information:
Alyson Klein, “Cyber Attacks on Schools: Who, What, Why and Now What?” Education Week (via Government Technology), February 14, 2022; accessed March 9, 2022.
https://www.govtech.com/education/k-12/cyber-attacks-on-schools-who-what-why-and-now-what