School Districts Plagued with Ransomware Attacks

School Districts Plagued with Ransomware Attacks

The recent attack that shut down the Colonial Pipeline has made “ransomware” a household word, but this cybercrime is nothing new. School districts have become particularly vulnerable to these attacks, which have increased substantially over the past year as schools shifted focus to provide remote learning for students. In a report published by the K-12 Cybersecurity Resource Center, there were a record 408 cyberattacks in 2020, an increase of 18% from the previous year.

Ransomware attacks have been responsible for completely shutting down online classes by encrypting student information and holding it hostage. Personally identifiable information (PII) on both students and staff is also at risk in these attacks. Hackers will often post stolen data on the dark web when ransoms are not secured.

In a recent attack against the Broward County School District in Florida, the malware group Conti published close to 26,000 files from district servers after the district refused to pay the $40 million ransom demand. Most of the files contained district financial records but a few incidents of confidential student and employee information did occur.

In June of 2020, The University of California, San Francisco paid a ransom of $1.14 million after the School of Medicine was attacked in order to recover important research data. In particularly disturbing cases in Ohio and Nevada, students and employees were compromised when social security numbers, birthdates, disciplinary records, employee evaluations, and grades were posted school districts refused to pay the ransom. Other recent attacks have included a breach on the Centennial School District in Gresham, Oregon that resulted in district data being published on the dark web, and Baltimore County schools in Maryland that resulted in schools being closed for several days. These are just a few examples of the increasing number of attacks that have taken place over the past year.

As with most security issues, human vigilance is the first line of defense. Strong passwords are an essential step towards securing systems against cyberattacks. Educating those with system access to recognize red flags in emails and messages is another important step. Implementing multi-factor authentication is an economical practice that can greatly increase the security of a system.

School systems tend to operate within tight budget constraints resulting in minimal, overworked staffing who are ill-equipped to address information security concerns. While reluctance to invest funding in information security that could otherwise be used to secure effective teachers or learning materials is understandable, the costs of not doing so can be devastating if a system is breached. Ultimately, to close the loopholes that allow attackers to penetrate an organization or business, they should employ a professional cybersecurity service that will test for vulnerabilities.

Asteros Cybersecurity Services specializes in small- to medium-sized businesses and organizations including educational institutions. Schedule a free, no-strings-attached attack surface audit  today to assess potential entry points to your network and learn how Asteros can help eliminate these risks.