By Mike Bianco, director of information security, Skyward.
Schools face plenty of dangers and threats, from pandemics to budget cuts, but ransomware may be one of the most pernicious, transcendent, and frightening – and it’s not going away.
Ransomware is big business for crooks, and schools are seen as easy pickings. CBS News reports that cyberattacks and ransomware targeting K-12 schools hit record highs last year, with ransoms ranging from $10,000 to $1.4 million and a total cost to districts of more than $123 million, according to IBM.
Because so much of what a school system does, from teaching to storing records, takes place online, the threat of a ransomware attack effectively stopping those processes dead in their tracks and wiping out the supporting data is enough to keep administrators up at night.
Add to that the threat of students’ sensitive data stolen and dumped or sold to bad actors after ransomware attacks (NBC News reports that in 2021, ransomware gangs published data from more than 1,200 American K-12 schools), and it’s a miracle administrators get any sleep at all.
And in case a district admin was thinking of sneaking in a catnap, they should consider that 30% of educational outlets consider themselves unprepared to face a cyberattack resulting in their data being held for ransom.
Why do so many ransomware attacks target schools? Several reasons:
Schools are vulnerable
Whether it’s students, parents, teachers, or back-office staff, the fact that so many different personas with so many different ideas about internet security are using the system makes it easy for hackers to exploit weaknesses.
Schools lack resources
Districts may not be able to afford the most robust ransomware-prevention tools, or the personnel needed to monitor them.
Data is centralized …
School districts tend to keep their data in one central repository, which is attractive to hackers. Think of it this way: If you’re a bank robber, do you want to rob one bank with $5 million in deposits, or five banks with $1 million in deposits each? Educational data is the $5 million bank.
And it’s valuable …
Student data is pure gold. It can be used in a variety of ways: to establish false identities, to apply for credit, and to make large purchases.
Producing additional blackmail opportunities
Suppose a hacker acquires the report cards and other data of high-school seniors. They could threaten to release the information to prospective employers if the student or their parents don’t pay a ransom.
(This is generally thought of as small potatoes by hackers, but it’s not out of the question.)
How districts can protect themselves
Given that schools are and will continue to be ransomware targets, what can districts do to protect themselves?
First, districts need to realize they’re not Susan Storm, and they can’t put a force field around their data. There is no magic shield; there are only multiple layers of protection they can employ to deter hackers.
Second, they need to understand that protective measures may only make their district a less attractive target, and not a non-target. After the low-hanging fruit is harvested, their district may still be seen as ripe for the picking.
Third, districts have to accept the fact that protection against ransomware is ongoing and evolving. It is absolutely not a one-and-done.