When we talk about cybersecurity threats, we usually think of hackers breaking into large corporations’ servers, law firms with leaks of sensitive information, or cybersecurity on a government level. However, K–12 schools might be more at risk of such threats than you realize.
According to Berkeley, “From July to August, 2020, Microsoft’s Global Threat Activity Tracker detected more than 8 million malware incidents — with education being the most affected industry.” This is especially true with the rise in e-learning since the pandemic. When schools face cyberattacks, it’s students, teachers, and school administrators who are at risk.
Understanding a School’s Cyber Threats
Of course, a cybercriminal targeting a school will have a different aim than one targeting a law firm or a government office. To better strengthen cybersecurity at your school, it’s important to understand the threats that face schools in particular. The FBI and the Department of Defense Technical Information Center have found that the most common cybersecurity threats facing schools include:
- Data breach: School cyber systems actually house quite a bit of sensitive information. The primary type of data targeted by cybercriminals is student records. Students may be trying to tamper with their own records, or outside individuals may want to use their data for more nefarious purposes. Employment transcripts from teachers can also be the target of a data breach.
- Denial of service: Does your school have its own website? An internal server that teachers and administrators use? An online hotline of some sort? Denial of service often involves flooding a server with requests so that it crashes and becomes unusable. Though denial of service might not be as invasive as other types of cyberthreats, it can still be harmful to school systems.
- Spoofing/phishing: Spoofing and phishing both involve sending fraudulent e-mails in an attempt to obtain sensitive information. Spoofing refers to a fraudulent e-mail that appears to come from a legitimate contact, while phishing usually involves pretending to be an official organization requesting information. There is also spear phishing, in which the phished e-mail is made to look as though it came from a colleague. If an e-mail seems suspicious, it’s always best to check with the source outside of e-mail to ensure that it’s not a scam.
- Malware: Malware involves software downloaded into your system with the purpose of installing a virus. Suspicious links in e-mails or attachments to certain downloads can be malware. Similarly, “scareware” is sometimes deployed to apply fear and pressure on IT administrators to download a particular anti-virus software.
- Ransomware: Ransomware is deployed like malware. It’s an invasive software often downloaded unintentionally. Once installed, it encrypts files in the computer system and holds them “for ransom.” Ransomware users request large amounts of funds, typically in the form of cryptocurrency, before they will release the files. In some cases, perpetrators may threaten to publish sensitive information if they are not paid in a timely fashion.
Some of these types of cyber threats may overlap each other. For instance, malware, scareware, and ransomware often end up on school computers through spoofing and phishing. Data breaches can also be caused by any of these methods.
School Cybersecurity: A Brief Case Study
Cybersecurity threats have risen in schools since 2020 because of the COVID-19 pandemic. With so many students participating in remote learning, there were (and still are) some schools that were largely, if not solely, dependent on digital systems. That means that not only are cyberattacks more common in schools, but the results can be more devastating.
One example of this is a cyberattack on Albuquerque Public Schools in January of 2022. The largest school district in the state of New Mexico, Albuquerque public schools were shut down for two days as a result of a ransomware attack on their student information systems. These systems held records of roll call, family contact information, and adults authorized to pick up students from school. Without them, the school could not function and had to close.
After two days, the ransomware issue was resolved, though the perpetrators were not caught. This time off was problematic for students who had already suffered scheduling instability due to the pandemic. More unnerving to administrators, however, was the fact that the school was clearly targeted by cybercriminals who are likely still out there.
How to Protect Schools From Cyberattacks
One thing that’s clear is that cybersecurity in schools must start with school leaders. Teachers often do not have the resources or the know-how to find and implement proper cybersecurity solutions. Students certainly don’t. But with the threat of cyberattacks rising, school leaders need to acquire these resources to protect their school communities.
Part of that process requires regular training. Teachers and administrators should have mandatory training sessions that show them how to handle data breaches, ransomware, and phishing attacks. Security awareness training can help staff to learn how to spot these types of attacks and prevent them in the first place. Schools can also invest in anti-virus software or provide regular software updates. The more updated and secure the software is, the more fortified it will be against security attacks.
Cyberattacks against schools aren’t just a threat to personal information like student records. Like the case in Albuquerque, they can actually impede a school’s ability to serve and educate its students. The better your software is protected, the better your school can do what it does best: teach.