Ransomware attacks worry school districts


to play

High-profile ransomware attacks last year on Colonial Pipeline and JBS Foods led these companies to pay multi-million dollar ransoms to hackers and caused supply chain failures with national economic repercussions.

As cyber attacks against large corporations gain notoriety, K-12 school districts quietly became the primary target of ransomware attacks in the fall of 2020, according to the FBI.

“The need for schools to move quickly to distance education likely contributed to cybersecurity gaps, leaving schools vulnerable to attack,” the FBI wrote in its report.

Ransomware is a type of malicious software designed to block access to a computer system until money is paid to unlock it.

Its effect on school networks can be crippling.

A successful ransomware attack on the nearby San Bernardino City Unified School District in 2019 excluded district network employees for several days, force lessons to run without WiFi and other technological tools.

The attack took place in October, which is coincidentally Cyber ​​Security Awareness Month.

The district did not say whether confidential information about students and families had been compromised. He also did not indicate how the incident was resolved after the intervention of law enforcement and a third-party expert to try to restore the network.

Following: Ransomware, Explained: How The Gangs That Closed Colonial Pipeline, JBS USA Work

Following: JBS and Colonial Pipeline together paid more than $ 15 million in ransom, which is one of the most insurmountable cybersecurity problems

Higher education institutions have not been spared either. College of the Desert began its Fall 2020 semester despite a malware attack that took the college’s website and email system offline, although it is not clear whether the hackers requested a ransom to remove malware.

In light of these threats, school districts in the valley are investing in cybersecurity to varying degrees.

The cost of (cyber) security

Will Carr, director of technical services for Palm Springs Unified, said the district spends about $ 247,000 a year on cybersecurity software subscriptions – some to protect against hackers and others to monitor student activity on the district network.

About a quarter of that cybersecurity budget is for a ransomware insurance policy with tech company SentinelOne that would pay the district $ 1,000 per compromised device up to $ 1 million if its encryption services fail. to stop an attack.

Carr said that so far the district has not had to file a claim and that the SentinelOne service has successfully stopped four ransomware attacks and more than 130 malware attacks in the past year.

Additionally, the district spends $ 30,000 per year on a firewall, a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of rules. of security.

From September 2020 to August 2021, Carr says the district firewall blocked 787,000 potential attacks.

A separate tool blocked an additional 752,000 email threats.

For its part, Desert Sands Unified has budgeted more than $ 2.2 million in federal COVID-19 assistance on a “Cyber ​​Recovery Vault,” a tool that will help the district recover critical data in the event of an attack. of ransomware.

The district plans to spend an additional $ 1.1 million in federal aid to bolster the security of its network with endpoint encryption, a tool designed to protect sensitive data from unauthorized access and leaks.

Desert Sands declined an interview request to discuss its cybersecurity protocols, releasing the following statement:

“For the continued safety and security of our district network, we do not publicly disclose elements of cybersecurity. However, we have implemented the best cybersecurity solutions and continue to educate our students and staff on cybersecurity awareness. “

The district added that it was not aware of any ransomware attacks targeting its network in the past year.

Coachella Valley Unified also declined an interview on this topic and did not say what it had invested in cybersecurity measures.

What are kids looking for on Google at school?

The other piece of the cybersecurity puzzle is monitoring what students (and staff) are looking for within the district network.

Palm Springs Unified maintains subscriptions to several software services that can monitor and block student Internet activity while they are connected to the district network.

For example, teachers can use GoGuardian to restrict student internet activity during tests. Conversely, with administration approval, teachers may temporarily allow access to websites with sensitive content on racism or hate speech in order to advance American and world history lessons. .

“It’s really good for the management of the classroom,” Carr said.

Technology that saves lives?

The software also allows Palm Springs Unified to create alerts when students search for key words and phrases related to self-harm.

For example, on the morning of Wednesday, October 6, the district reported internet activity of two high school girls who had searched for terms related to self-harm. By 11 a.m., the principal had responded to the alerts and addressed the students individually.

In some cases, Carr says the district has asked law enforcement to intervene when a student’s internet activity suggests an imminent risk of self-harm.

He added that the technology “saved the lives of some children”.

Palm Springs Unified is required to monitor the online activity of minors on its Internet network in accordance with Children’s Internet Protection Act.

Additionally, parents / guardians of PSUSD students sign an “Acceptable Use Policy and Technology Loan Agreement” which details district network and device rules.

How important is K-12 cybersecurity?

Carr says hackers know school districts can’t afford to pay seven-figure ransoms like some businesses.

However, they are a popular target for another reason: their wealth of information.

“School districts are focused more on student data than money,” Carr said.

According to a recent report At the K-12 Cybersecurity Resource Center, school districts are responsible for protecting the data of more than 50 million U.S. students and their families.

Cyber ​​security for US K-12 school districts is a $ 760 billion industry, but the number of successful cyber incidents in K-12 school districts has quadrupled from less than 100 attacks in 2016 to more than 400 attacks in 2020 .

Even with in-person instruction back in session, the adoption of digital technology for learning (such as distributing laptops and Chromebook hotspots to students, and installing smart TVs in many classrooms). classroom) means more school district devices are susceptible to hackers than before the pandemic.

That’s why Carr – who served eight years in the US Navy securing the first military networks before joining Palm Springs Unified 21 years ago – says it’s imperative that his district continues to invest in security. networks, educate staff and students about responsible digital citizenship, and be transparent about the district’s online capabilities.

“The more you know, the more seriously you take it,” Carr said.

Jonathan Horwitz covers education for The Desert Sun. Contact him at [email protected] or @Writes_Jonathan.


Leave A Reply