When thinking about which industries get targeted most often in ransomware attacks, many people think that large healthcare and financial institutions would be at the top of the list.
Most people don’t associate cyber attacks with K-12 schools. However, a recent cybersecurity report noted that lower education, or K-12 schools, is the single most targeted industry for ransomware attacks, with 80% of schools reporting a ransomware attack in 2023. Cyber attacks are so prevalent at K-12 schools that, on average, there is more than one incident per school day.
Why are K-12 schools being targeted?
School systems are being targeted with ransomware and other types of cyber attacks primarily because of the large amounts of sensitive data they have on students and families. The data can include anything from names, addresses and Social Security numbers to health records.
In some cases, it can even be used to steal a child’s identity. Most parents aren’t monitoring their children’s credit, so it can often take years before victims learn about accounts opened in their child’s name. Additionally, cybercriminals know that many schools are strapped for resources and do not have the latest cybersecurity measures in place due to limited budgets, which makes them easier targets.
Data breaches can have serious consequences for students and families. In February 2023, the Los Angeles Unified School District disclosed a data breach involving 2,000 student assessment records that were posted on the dark web, including an unspecified number of driver’s license numbers and Social Security numbers. Minneapolis Public Schools experienced an even larger data breach in early 2023, involving HR files, student disciplinary records, and personal information, all of which was leaked on the dark web. The school district has said that the breach affected more than 100,000 people.
Schools certainly face financial damage and reputational damage during incidents like these. Monetary losses to school districts following a cyber incident range from $50,000 to $1 million. There is also typically significant classroom disruption and learning loss when systems have to be taken offline following a school cyber attack.
What are the top K-12 cyber threats?
Ransomware is the most common type of publicly disclosed cyber incident at schools in the United States. Student data breaches and online class or meeting invasions are the next most common types of attacks.
Other types of attacks school IT teams should be aware of include Business Email Compromise (BEC) scams, Denial of Service (DoS) attacks and website or social media defacement. These types of attacks are happening at schools all over the country and are becoming increasingly damaging and costly.
How to strengthen cybersecurity in K-12 schools
Besides investing more money into cybersecurity infrastructure, there are additional measures schools can take to mitigate risk.
- Require Multi-Factor Authentication (MFA) for all logins.
- Use strong, unique passwords and change them on a regular basis. A password manager can help with this.
- Actively monitor your network and devices for suspicious activity.
- Back up critical data and test your backups regularly.
- Protect your most sensitive systems and data with Privileged Access Management (PAM).
- Implement regular cybersecurity training and phishing awareness training for all staff.
Safeguard against ransomware attacks with Keeper Security Government Cloud
Keeper Security Government Cloud (KSGC) password manager and privileged access manager is FedRAMP and StateRAMP Authorized, and enables schools to achieve complete visibility, security, control and reporting across every user, on every device.
KSGC utilizes a zero-trust and zero-knowledge security architecture, along with delegated administration and role-based enforcement policies, to provide system administrators complete visibility and control over identity security and risks within their organization.
To learn more about how KSGC can protect your school against cyber attacks, request a demo today.