LIVE @ ISTE 2024: Exclusive Coverage

Ransomware attacks are a rising threat for school districts--but some careful strategies can help IT leaders protect school networks.

3 ways districts can prepare for ransomware attacks

Ransomware attacks are a rising threat for school districts--but some careful strategies can help IT leaders protect school networks

With summer now a distant memory and students across the country back in the swing of things, school districts have been facing a rising danger. This year, schools face an increased threat of falling victim to ransomware attacks.

Ransomware is a specific type of computer virus that locks digital files and blocks access to computer servers–effectively shutting down entire operating systems–until a ransom is paid to those responsible for the attack. This dangerous type of extortion has been increasing in prevalence and while it was once generally aimed at corporations, hackers have recently begun shifting their focus to new targets, including government agencies and school districts.

Related content: Protecting your district from ransomware attacks

As an educator, if you haven’t yet heard of ransomware, chances are you will soon. According to a report by the K-12 Cybersecurity Resource Center, there were more than 120 cybersecurity incidents that targeted K-12 school systems last year and the trend doesn’t show signs of slowing. During the summer of 2019 alone, ransomware attacks affected school operating systems in states including Nevada, Alabama, New Mexico and Louisiana.

Related Content:

eSchool News School Safety Guide

The eSchool News School Safety Guide is here! It features strategies to help you create and maintain safe and secure learning environments, both physical and online. A new eSchool News Guide will launch each month–don’t miss a single one!

And while there are many types of cybercrimes, what makes ransomware attacks particularly damaging and dangerous is the skyrocketing sums hackers have been demanding to restore functionality and the unknown extent of the harm these attacks can cause.

Earlier this year, hackers demanded $51,000 from the city of Baltimore to unlock infected operating systems. The city refused to meet these demands and in the wake of that decision, some estimates say that recovery costs to repair and replace corrupted systems could exceed $18 million. Emboldened by the efficiency and destructive nature of their attacks, hackers have increased their ransom demands and organizations have begun paying to avoid more expensive fates.

While few school systems would be prepared to handle the cost incurred by a ransomware incident, what’s additionally frightening about an attack of this nature on a school district is the impact it could have in an emergency situation. Earlier this year, an attack on the Syracuse City School District crippled the district’s website, email system, and phones. If there had been an emergency requiring swift and clear communication during this outage, the consequences could have been disastrous. Schools are entrusted with caring for our children but it is becoming increasingly clear that that many of them are unprepared to handle these emerging cyber threats that could put students in harm’s way.

The blame for this should not lie with school districts alone, however. Compared to large corporations, districts cannot allocate the types of funds necessary to hire expansive IT teams and implement expensive cyber-defenses to combat these evolving threats. And while it may appear that limited budgets coupled with committed hackers may give criminals the upper-hand, there are ways that districts can protect themselves and their students and avoid outcomes that others have already suffered.

1. First and foremost, school districts should ensure that all of their data is backed up. If an attack is successfully carried out and schools need to wipe their systems clean to restore functionality, backing up data is critical in ensuring that important information is not lost and that recovery efforts can be completed efficiently.

2. Districts should also consider hosting cybersecurity training for administrators and staff. Many attacks take place because employees have little knowledge of how to spot hacking attempts. One such attack is spear phishing, in which hackers identify vulnerable individuals and use social media and other public channels to generate and send fake emails or messages that look incredibly real. Ransomware requires interaction with a user to infect a system and with proper training, employees will likely be more adept at recognizing suspicious activity and avoiding catastrophe.

3. Finally, schools should re-evaluate their cybersecurity systems. Many legacy defenses in place in districts around the country are no longer able to keep pace with evolving threats that target increasingly mobile workforces–that is, employees who use school laptops, tablets and emails outside of their schools or offices. These employees are vulnerable targets and run the risk of picking up viruses on the go that can infect entire school district operating systems. In response to this increase in employee mobility, several modern cloud-based solutions have emerged to protect internet usage no matter where employees go, effectively mitigating this risk.

While budgetary conversations are complicated and school funding is limited, school districts still retain the tools to avoid a ransomware disaster. In an era when professional hackers have turned a hungry eye toward schools, districts must remain alert and aware to keep their students safe and their organizations running smoothly.

Sign up for our K-12 newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.

Want to share a great resource? Let us know at

Sign up for our K-12 newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.

eSchool News uses cookies to improve your experience. Visit our Privacy Policy for more information.