K-12 School Districts: Not Child’s Play for Cyber Attacks
Lots of kids daydream about impromptu school cancellations.
Now, thanks to virulent ransomware strains like Ryuk and other malware variants, as well as email-based cyberattacks, many students across the US are getting their wish.
A Worrisome Trend
Though they may not make headlines like attacks on brand-name enterprises do, school cybersecurity attacks are becoming a worrisome threat. School districts hold large amounts of personal data: student names, addresses and birthdates as well as health and academic records. And in many cases, districts don't have staff that is specifically tasked with maintaining cybersecurity. They often lack the proper security measures and strategies to protect the sensitive data in their keep.
This presents attackers with an astounding opportunity to break in and abscond with as much data as they can find, cause as much damage as they please or demand as much ransom as they can get, with little to no resistance. Spear phishing, data breaches, denial of service attacks and, of course, ransomware and malware are some of the most common threats facing schools across the US today.
For example, in July, Louisiana experienced an attack that affected three school districts and took down their phone system. In New York, a ransomware attack locked Rockville Center School District computers and resources, and hackers demanded a decryption fee of $88000. And in Flagstaff, Arizona, students were surprised by an unanticipated two day “vacation” just after the opening of the school year, while officials scrubbed endpoints to contain ransomware that had found its way inside their network.
The list of recent victims goes on; Northshore School District in Washington State, Rockford Public Schools in Illinois and Mobile County School District in Alabama are just a few of the other districts that experienced damaging cyber attacks in 2019. In total, over 500 schools have been affected and the list keeps growing with each passing week. In fact, by early August, the total number of cyber attacks affecting school districts in the US surpassed the total number of school district cyber attacks in the previous year.
More Tech, More Vulnerabilities
This is an especially worrisome trend, since classrooms are becoming more dependent on technology. The classroom of today is equipped with tablets and Chromebooks, each outfitted with lots of apps. Now, not only do IT staff need to consider their own database and network, they must be aware of the devices teachers use in the classroom. What’s worse, these additional endpoints greatly increase the surface through which attackers can infiltrate districts.
Moreover, schools are increasingly investing money into new digital learning initiatives, such as tailored learning systems and assignment organization tools. But unfortunately, these tools can’t guarantee user security. Take a look at Chegg, a popular edtech company that helps students with assignments and rents out textbooks. In September 2018, they revealed that they had been breached, exposing the passwords and data of 40 million student users.
Keep in mind, too, that schools communicate with hordes of external vendors, leaving them vulnerable to attacks via third party partners. In August of this year, the Shenandoah County Public School District announced it had been breached via a software vendor they had previously used, exposing student and administrative data.
Finally, attacks may be perpetrated by students themselves (like the two students who broke into the network at Bloomfield Hills High to change their grades and attendance records, as well as refund their lunch purchases). Many attacks go unreported—and may even remain undiscovered indefinitely, as is likely to occur in districts lacking even the most basic security awareness skills.
How to Prevent School District Cyber Attacks
What it comes down to is that businesses are finally aware of how vulnerable they are to cyber attacks, but educational institutions have yet to catch up with that realization. A recent survey by the Consortium for School Networking found that technology leaders in the K-12 range “don’t see cybersecurity threats such as ransomware attacks, phishing schemes, and data breaches as a significant problem”. And only 25% of K-12 schools have dedicated security staff. Moreover, even if they did see the reality of the danger, many districts simply can't spare the cash to implement proper tools and strategies, since all resources are needed for education initiatives.
While the razor-focus on education is clearly a good thing, ensuring the security of student data is just as critical.
In a recent statement, the FBI implored parents and school districts to increase their awareness regarding the risks facing the K-12 sector. Meanwhile, The Future of Privacy forum advises parents to speak to district admins to check what data is being collected and how it’s used and stored.
District IT teams need to turn their attention to security solutions that won't bleed them dry; Ericom Shield Remote Browser Isolation is a cost-effective way to block web-borne threats like ransomware, malware and spear phishing from reaching endpoints.
With Ericom Shield, all active web content is rendered in virtual browsers located in disposable containers. Users interact seamlessly with a safe media stream via their standard browser: No active web content ever reaches the endpoint. When a browsing session is concluded, all content—good and bad—is disposed of, eliminating all potential threats. The user experience is completely seamless and natural, making it an ideal solution for student-used devices. And as we all know, an ounce of prevention is worth a whole pound of cure.
Schools are travelling a one-way path toward technological advancement—and that's a great thing for the students of today and tomorrow. But it’s up to those in charge to ensure that as digitization continues, both student and district data remain secure.