The world's upside down right now, and people are really at their wits end. It's hard to find any normalcy in our day to day lives. Especially if you're working from home AND you have your kids there with you.
So, me talking about the state of K-12 cybersecurity, when we don't even know if the schools will open up again this year, may be a bit grating. But, the show must go on, and I too must try and strive for some normalcy. Plus you're a captive audience. You've got nowhere to go so I assume you'll be reading this, eyes glued to the screen.
So, without further ado, here's a brief summary of a report from K12Cybersecure.com
How Many Cyber-Attacks Were There Against Schools in 2019?*
- 209 Unauthorized Disclosures/Breaches
- 157 Ransomware Attacks
- 105 Phishing Attacks
- 4 Denial of Service Attacks
- 45 other Incidents
Grand Total - 520 attacks
*You can find a detailed list at the end of this article that contains the names of each effected school district and a hyper-link to a summary of what happened in each district.
In comparison to 2018, that's 3x as many publicly disclosed attacks.
- Just over half (51%) of student and educator data breaches during 2019 were due to the actions (or inaction) of school vendors
- Numerous school districts canceled classes and/or closed schools due to ransomware/malware incidents
Who was hit the hardest?
Cities, suburbs, towns, rural communities, all were targets last year.
- Suburbs were hit the hardest
- Schools with between 2,500 and 10,000 students were the most popular targets
- Out of the four regions used in the study (Northeast, Southeast, Central and West), the Northeast was hit the hardest by cyberattacks
What can school districts do to avoid these attacks in the future?
- Investing in greater IT security capacity dedicated to the unique needs of school districts.
- Enacting federal and state school cybersecurity regulations to ensure baseline school district and vendor cybersecurity practices.
- Supporting K-12-specific cybersecurity information sharing and research.
- Investing in the development of K-12 specific cybersecurity tools.
School District List (Broken Down by Attack Vector)
Denial of Service Attacks
|Secaucus Public School District|
|Albuquerque Public Schools|
|Rio Rancho Public Schools|
|Baker County School District|
There's a lot more in the report (which I'll link to here again: K12Cybersecure.com) and it's a pretty interesting read. The kids might not be in school right now or for the foreseeable future, but it doesn't mean we can't take this time to help keep them safe when they are back at school.
Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.