As the scourge of ransomware continues unabated, K–12 education increasingly falls victim. As of December, at least 283 U.S. public schools and districts have reported cybersecurity incidents in the nearly two years since January 2016, according to the EdTech Strategies’ K-12 Cyber Incident map.
In October — coincidentally, National Cyber Security Awareness Month — the U.S. Department of Education issued a warning about ransomware: “Criminals are seeking to extort money from school districts and other educational institutions on the threat of releasing sensitive data from student records,” wrote Tiina Rodrigue, senior cybersecurity adviser for Federal Student Aid, an Education Department organization. “In some cases, this has included threats of violence, shaming or bullying the children unless payment is received.”
K–12 Schools Make for Easy Marks
While none of the threats of violence were found to be credible, the warning served as a stark reminder that schools present ripe targets for cyberattack.
Strapped budgets, weak security and the vulnerability of young children to opening suspicious email attachments make ransomware a worrisome concern.
Although some districts choose to pay a ransom to avoid the long process of recovering their data, it is wiser still to focus on prevention and render the attackers ineffective. IT leaders in K–12 education can take several steps to safeguard their data and instill safe computing practices:
- Spread cybersecurity awareness. Faculty, staff and students alike share in this responsibility. School districts must regularly update and review their strategy to protect student and staff data and ensure that it’s understood and embraced by all.
- Emphasize digital citizenship. The aim of the October #CyberAware initiative is to promote safe computing practices. Train users to recognize and report threats, including phishing, spear phishing, social engineering and typo squatting (in which hackers bait users with domains misspelled by a single letter).
- Conduct a security audit. After a thorough review to uncover weaknesses and shore up any vulnerabilities, apply a mix of technologies, such as threat intelligence and sandboxing, to ward off zero-day attacks. Change factory-installed passwords, segment the network and limit administrative privileges for student accounts.
- Clean house. Delete malicious attachments and latent threats, and keep the doors locked by regularly applying patches and updates to operating systems and other vulnerable software. Create and review audit logs for suspicious activity.
- Maintain a backup schedule. Reliable, cloud-based backups are crucial. Reinstalling software and recovering data may be time-consuming, but it beats paying a ransom and further encouraging attackers. Carefully document restoration procedures and data continuity plans.
The Department of Education estimates that more than 60 percent of the schools targeted by hackers between 2016 and 2017 chose to pay a ransom to free their data. In 2018, your district doesn’t have to join them. Here’s hoping that vigilant awareness training and cyberdefense measures will nullify the threat of ransomware for all.