Malicious actors have been turning their attention to the nation’s schools in a significant and unwelcome way. The State of K-12 Cybersecurity: 2020 Year in Review report found an 18 percent increase in publicly-disclosed incidents over 2019 – the equivalent of more than two incidents per school day in 2020. Education was the second-most targeted sector in the first half of 2021, according to the a midyear threat report.
The shift to remote learning last year is partly to blame for this rise in attacks, as teachers and students relied on technology to deliver lessons, complete homework, and interact with students. When attackers target schools, learning is often disrupted, sometimes for days, as critical systems are taken offline.
The problem is significant enough that President Joe Biden signed into law the K-12 Cybersecurity Act, strengthening federal efforts to examine the cyber risks facing these institutions. And just what are those risks – and what needs to happen next? Read on.
Cybercriminals love to target schools
School systems are notoriously budget-strapped and therefore not always able to invest in cybersecurity, which makes them a prime target for attackers. IT teams have struggled to simply ensure that students can connect to school remotely. And teachers have had to wrestle with unfamiliar technology to upload and download lesson plans and homework assignments, broadcast their classrooms, and provide one-on-one assistance for struggling students. There has been little time or money left over for adequate security measures.
Schools get hit with many kinds of attacks, including denial of service (DDoS) attacks; ransomware and classroom disruption tactics that expose students to hate speech; shocking images, sounds and videos; and even threats of violence. Incidents like these have resulted in class disruptions and cancellations–and even school closures in extreme circumstances. One of the most high-profile multi-day school closures involved the Miami-Dade County Public Schools in Florida, which suffered a multi-day DDoS attack that closed school for more than 350,000 students. The second involved Fairfax County Public Schools in Virginia, which had to close school for several days for over 189,000 students due to widespread virtual classroom invasions.
It’s not just the schools; board meetings also have suffered disruption and cancellation, email services to and from school community members have been compromised, and children as young as kindergarteners have been exposed to racist and sexist speech, threats of violence and inappropriate images. Moody’s Investors Service says attacks on schools have “increased exponentially” since it began tracking cyberattacks in 2018.