Like many organizations, K-12 schools adapted to COVID-19 by accelerating their digital transformation journeys. And like everyone else who followed this path, they invited unwanted attention from digital criminals in the process.

In December 2020, for instance, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued a joint alert with the FBI and MS-ISAC warning of malicious actors targeting school computer systems to disrupt distance learning with digital threats such as ransomware. More than half (57%) of ransomware attacks reported to MS-ISAC in August and September 2020 involved K-12 schools, as noted by CISA. By comparison, just 28% of reported ransomware incidents from January through July targeted schools.

Those ransomware attacks didn’t just disrupt access to schools’ computer systems. Threat actors also sometimes used their malware payloads to steal confidential student data. Per Yahoo Finance, nine percent of parents said that their school had suffered a ransomware infection while their child was a student there. Of those respondents, 61% indicated that malicious actors had compromised their child’s data during the infection.

It’s therefore no surprise that some school districts have reported a dramatic increase in their cyber insurance premiums. Bleeping Computer reported that one school district in Illinois saw its policy renewal costs jump from $6,661 in 2021 to $22,229 a year later. This reflects the growing number and severity of threats confronting K-12 schools (as well as other organizations in general) along with the elevated potential for costly disruptions.

Government Steps in to Help

In response to the trends discussed above, governmental agencies at all levels have taken action to help schools to strengthen their cybersecurity measures. At the federal level, for instance, U.S. President Joe Biden signed the K-12 Cybersecurity Act to help schools across the country better protect sensitive information. Simultaneously, there have been (Read more...)