K-12 Schools are Hit by New Cybersecurity Attacks Every Three Days According to New Report


In just the first month of 2019, there had already been about 12 cybersecurity attacks on K-12 schools. Last year, public K-12 schools were the victim of 122 known incidents.  These attacks spanned from Ransomware attacks to the most common – unauthorized disclosures or breaches. 

However, according to Doug Levin, President of EdTech Strategies and author of “The State of K-12 Cybersecurity: 2018 Year in Review”, the number of reported accounts of cyberattacks on schools are underrepresented.

“It’s definitely on undercount,” said Levin. Doug suggests that the number of attacks are 10 to 20 times more than what is being reported, because school districts choose to not make the incidents public.  In addition to Ransomware and Unauthorized Breaches, Levin also documents that Phishing, Denial of Service attacks and other types of incidents were experienced by educational institutions.

“I think it’s going to get worse before it gets better,” Levin said. “I’m seeing what I would characterize as pretty significant events that are actually happening in schools today.” These incidents are disrupting everyday learning and are costing districts hundreds of the thousands of dollars to remedy.

More than 415 incidents have occurred since Doug started the database of incidents, 122 of them coming just last year. In his analysis of the data, Doug is trying to understand what makes a district more likely to be targeted than another. 

“It seems to be non-discriminating.” Levin notes. The only exception to his statement was that schools that were in what was considered low-poverty districts was 70% of the cyberattacks in 2018. “One plausible hypothesis is that wealthier school communities may be relying on more technology that other district types and hence are exposed to greater risks.”

In his report, Levin states, “This is a wicked problem. There’s no easy solution. It’s not just that we need more money, different policies or more training. The nature of these threats is going to keep changing. And if major companies – Equifax, Apple, Cisco, Facebook – can’t keep a handle on their stuff, what chance to little school districts have?”

For tips on how you can protect your school from Cyberattacks, check out our blog.

Story via EdSurge