Class is in Session: Schools Suffering from Growing Ransomware Threats

It goes without saying that school looks quite different in 2020 compared to any school year prior to it. Some schools are still completely virtual, while some have adopted the hybrid model of partial online, partial in-person learning. Cybercriminals are always targeting overworked and under appreciated (and usually under-secured) institutions such as those in the educational system or medical fields, and it is even worse with the chaos being left in the wake of the crippling Coronavirus pandemic. The oddities of the current educational operations that many states’ schools have adopted are only further aiding these malicious actors in their quest to terrorize the online world with a myriad of threats.

One of the cyberattackers’ go-to threats is a ransomware attack. This happens when a company’s, individual’s, or in this case, school’s, networks and databases — full of sensitive data — are compromised and information is stolen from them. The stolen data is then held for ransom by the attackers until the victim pays up to retrieve their files back. While ransomware attacks are always impending threats to school systems, ransomware attacks are currently on the rise both in volume of attacks and speed of stealing schools’ all-important data.

Oklahoma School District Gets Lucky

An example of this can be seen in an Oklahoma school district which was slated to begin its school year in mid-August. Mere days before the children were set to begin their classes for the fall semester, cybercriminals hit the school system’s online operating system, PowerSchool, with a ransomware attack. While the district had the data backed up to an external server not connected to PowerSchool, and it appears that no student or teacher information was stolen in this attack, the sensitive information of this entity and its stakeholders was put at risk in a major way. Most schools or school systems are not so lucky to leave this sort of situation mostly unscathed other than a delayed opening.

Grade Schools Are Heavily Targeted

Students in grades K-12 have been in online school since March of 2020 and many are operating completely online to this day; some with optimistic transition plans for the teachers’ and students’ returns to their classrooms. Back in the spring semester when the world abruptly shifted to online, the FBI warned that cybercriminals would use K-12 schools as “opportunistic targets” as they are not usually equipped to protect their usual systems, let alone protecting the less secure WiFi connections of hundreds, if not thousands, of students. Just last week, Fairfax County Public Schools suffered a crippling ransomware attach which required them to seek out the assistance and protection of the FBI. With over 188,000 students, this is the 10th biggest school district in the United States — that is a significant number of data pieces put at risk. Similar scenarios can be seen impacting school systems across the country.

Why Schools?

  • Amount of Data: As is evident in the Fairfax County example, school systems have a significant amount of information saved on their databases due to the sheer number of students and teachers within them.
  • Use of Unchecked Third Party Sites: Websites like Skype and Zoom have seen a significant increase in usage for things which were less common prior to the pandemic. While they are convenient options to continue classes in the middle of a crisis, they can also present vulnerabilities to unsuspecting school systems. Zoom in particular was an entity which saw a significant rise in misuse and cyberattacks when schools and businesses alike shifted to using this service.
  • Lack of resources, adequate protection: Schools, particularly public school systems, suffer from significant budget constraints and because of this, protection is not adequate. This is the case even for normal operations and with the shift to online, it is even worse. Teachers, students, and administrators are exhausted and overwhelmed; not only are they doing their usual jobs but now they have to scramble to try and be secure without even being in person.

How to Combat

  • Emphasize safe practices: For students, teachers, and administrators, cybersecurity best practices should now be a part of the typical beginning of semester orientation plans. Encourage students to cover their webcams, not click on any suspicious or unrequested links, and promote the use of secure, somewhat complex passwords.
  • Invest in online cybersecurity training: More than just the simple best practices that students should know, teachers should encounter helpful cybersecurity training in order to help them better operate as facilitators of information. Though this is above and beyond the typical job description for a teacher, this is an important aspect of the job that has to be adopted since the pandemic has come about.
  • Monitor systems: Though it is true that schools and schools systems are underfunded, if at all possible, try and find budget to take care of the crucial necessity of cybersecurity both in a reactive and, preferably preventative, manner. Hopefully, as the government sees these continued attacks of school systems, they will seek out specific school cybersecurity funding planned into the budgets.

Image by Upklyak for Freepik.