According to “The State of K-12 Cybersecurity: 2018 Year in Review“, schools are under attack. A U.S. school district becomes a victim of an attack as often as every three days – and that’s just the reported incidents. The actual breaches could easily be much higher as many districts do not disclose their incidents or are unable to even detect them.
122 incidents were reported in 2018
Examples of specific incidents include:
- Denial of service attacks, including one at Mt. Zion School District in Illinois that disrupted access to the district’s computer network;
- Phishing scams, like what happened at Olympia School District in Washington state, where a fraudulent email tricked an employee into sending the sensitive information of district staff;
- Ransomware attacks, which typically infect a computer system with software that either blocks access or releases personally identifiable information unless the victim pays a ransom; and
- Unauthorized disclosures or data breaches, often caused by human error in the education sector, as was the case at the Pennsylvania Department of Education.
Chicago Public Schools and Mt. Diablo Unified School District in California—experienced more than one cyberattack in 2018, highlighting that issues of K-12 cybersecurity have largely been overlooked by policymakers, regulators, and school leaders, despite greater attention to issues of student data privacy.
Levin’s conclusion? “Ultimately, the goal of K-12 stakeholders must be to reduce and better manage the cybersecurity risks facing increasingly technologically-dependent schools“. To see examples of how Foresite has done this, visit our case studies.