2024 Gartner® Market Guide for Managed Detection and Response
2024 Gartner® Market Guide for Managed Detection and Response Get the Report
K-12 School Districts and the Cybersecurity Challenge
Pondurance
April 11, 2022
After a longer-than-expected pandemic period, K-12 school districts are back in the classroom. Administrators and teachers are working to keep students healthy and learning, while IT teams are working to create a safe and operating online environment for students. Though the education industry is not the most targeted industry as it was back in 2020, K-12 schools are still a prime target for cybercriminals. After all, K-12 public schools are a $760 billion sector that serves more than 50 million students, and those students attend 130,930 schools within 13,598 different schools districts in states across the country.
At most school districts, IT teams handle all the technology functions at the schools and administrative buildings, including working on printers, laptops, security cameras, hardware, software, apps, multifactor authentication, insurance policy requirements, and the list goes on. And even though most IT teams do not include a dedicated cybersecurity expert, they are tasked with handling all cybersecurity issues.
As the cyber landscape evolves, IT teams like yours continue to face cybersecurity challenges including an expanded attack surface, significant cyber threats, and budget constraints.
Expanded attack surface
Students from kindergarten to high school use numerous internet-connected devices for remote and in-classroom learning. Though these devices are beneficial to education, each device also can be a vulnerable point of entry for a cybercriminal. These potential entry points create an expanded attack surface, giving cybercriminals added opportunities to exploit data. IT teams need a means to monitor these entry points to protect the information of students, teachers, and administrators.
Significant cyber threats
Over the past few years, K-12 schools have experienced frequent cyber threats from bad actors looking for money and personal information such as Social Security numbers. The identities of minor children are desirable because the theft can go undetected for years as most minors don’t own bank accounts or credit cards.
Specifically, IT teams have been defending against ransomware, phishing, and distributed denial of service (DDoS) attacks.
Ransomware attack. Ransom demands for K-12 schools have ranged from $5,000 to $40 million, with an average payment of $268,000, according to Comparitech. Cybercriminals have started to target larger school districts with higher budgets to cause more chaos and extort larger payments. In addition to the high-price demands, ransomware attacks can cause downtime where systems are shut down, schools are closed, and teachers can’t access data.
Ransomware attacks were launched on Broward County Public Schools in Florida, Athens Independent School District in Texas, and Baltimore County Public Schools in Maryland, to name a few. In Broward County, attackers demanded a $40 million ransom and shut down the district’s computer system. When the district was unable to pay the ransom, the attackers published nearly 26,000 stolen files, including mostly financial records and a few incidents of personal information. Following the attack, the school district’s chief information officer requested $20 million for cybersecurity improvements.
Phishing attack. This attack is typically perpetrated by email from a cybercriminal who poses as a teacher, administrator, or vendor and sends a message that sounds legitimate. Once the recipient replies or clicks on an embedded link, the bad actor’s mission is accomplished. The average spear-phishing attack — a more targeted approach to phishing — against K–12 administrators and vendors costs approximately $2 million per incident. In addition to money, cybercriminals seek sensitive personal information to sell on the dark web.
DDoS attack. This brute force attack floods a school district’s network with more traffic than it can handle. Eventually, the attack can disrupt the network to the point that it shuts down.
Budget constraints
IT teams have a hard time balancing educational resources with cybersecurity. In particular, low-income school districts with smaller budgets have fewer dollars to invest in cyber. For IT teams, this lack of funds affects everything from purchasing technology tools to hiring staff to providing cybersecurity awareness training for teachers and administrators.
Fortunately, the K-12 Cybersecurity Act was signed into law on Oct. 8, 2021. The legislation directs the Cybersecurity and Infrastructure Security Agency to conduct a review of vulnerabilities in schools across the country and provide resources to school districts for cybersecurity, helping IT teams protect students and teachers from cyberattacks. In addition, as part of the coronavirus rescue package, the Elementary and Secondary School Emergency Relief Fund allocated $190.5 billion to K-12 schools, which can be used for cybersecurity investments.
You don’t have to go it alone
Your IT team will continue to face challenges as you work to handle technology issues for the K-12 students, teachers, and administrators in your school district. But when it comes to cybersecurity, you don’t have to go it alone. Learn how Pondurance can provide 360-degree visibility for your expanded attack surface, defend against frequent and costly cyberattacks, and help you stretch your budget. Learn more in our Education Services section.