Public school systems often have limited budgets for cybersecurity safeguards and have become targets of more attacks.
Published On 31 Jan 2022
Amid a growing reliance on technology due to the coronavirus pandemic, cyberattacks have become a growing threat to schools across the United States – leading to school shutdowns and to demands for more funding to address the problem.
Starting last year, when many schools were more dependent on technology in order to conduct virtual learning due to pandemic shutdowns, several high-profile incidents were reported, leading school officials to scramble to recover data or even manually wipe all laptops.
“Pretty much any way that you cut it, incidents have both been growing more frequent and more significant,” Doug Levin, director of the K12 Security Information Exchange, a Virginia-based nonprofit that helps schools defend against cybersecurity risk, told The Associated Press.
Precise data is hard to come by since most schools are not required to publicly report cyberattacks. But experts have said public school systems — which often have limited budgets for cybersecurity expertise — have become an inviting target for ransomware gangs.
School systems that have had instruction disrupted include those in Baltimore County, Maryland and Miami-Dade County, Florida along with districts in New Jersey, Wisconsin and elsewhere.
Levin’s group has tracked more than 1,200 cybersecurity incidents since 2016 at public school districts across the country. They included 209 ransomware attacks, when hackers lock data up and charge to unlock it; 53 “denial of service” attacks, where attackers sabotage or slow a network by faking server requests; 156 “Zoombombing” incidents, where an unauthorised person intrudes on a video call; and more than 110 phishing attacks, where a deceptive message tricks a user to let a hacker into their network.
According to a report by the K-12 Cybersecurity Resource Center, an organisation that tracks cyberattacks on US schools, in 2020 alone, there were more than 400 cyberattacks on schools, a number that experts said is a vast undercount.
The new data comes amid increasing challenges to keeping schools in the US open, amid a recent surge in COVID-19 cases due to the spread of the Omicron variant. President Joe Biden has pledged to keep schools open, citing the importance of in-person learning for children’s education, and has increased school funding for tests, masks and hygiene protocols.
In October, Biden signed the K-12 Cybersecurity Act, which calls for the federal cybersecurity agency to make recommendations about how to help school systems better protect themselves.
“The global pandemic has impacted an entire generation of students and educators and underscores the importance of safeguarding their sensitive information, as well as for all Americans,” Biden said at the time. “This law is an important step forward to meeting the continuing threat posed by criminals, malicious actors, and adversaries in cyberspace.”
In New York City, after an attack this month on third-party software vendor Illuminate Education, teachers across the city could not access grades. Local media reported that the outage added to stress for educators already juggling instruction with enforcing COVID-19 protocols and covering for colleagues who were sick or in quarantine.
Last year, the FBI issued a warning about a group called PYSA, or “Protect Your System, Amigo,” saying it was seeing an increase in attacks by the group on schools, colleges and seminaries. Other ransomware gangs include Conti, which last year demanded $40m from Broward County Public Schools, one of the nation’s largest.
Most are Russian-speaking groups that are based in Eastern Europe and enjoy safe harbour from tolerant governments. Some will post files on the dark web, including highly sensitive information, if they do not get paid.
While attacks on larger districts garner more headlines, ransomware gangs tended to target smaller school districts in 2021 than in 2020, according to Brett Callow, a threat analyst at the firm Emsisoft. He said that could indicate bigger districts are increasing their spending on cybersecurity while smaller districts, which have less money, remain more vulnerable.