The pandemic highlighted what was already becoming evident—cybersecurity threats can devastate a school district

K-12 education needs a cybersecurity overhaul

The 2019-2020 school year faced unprecedented challenges with the abrupt shift to remote learning brought about by the pandemic. But while schools struggled to adapt to these changes, there was another troubling trend on the rise: a surge in cybersecurity attacks.

A recent report from the nonprofit K12 Security Information Exchange found that these incidents increased 18 percent over the last year to reach a record high, equating to more than two cybersecurity incidents per day.

This statistic underscores that the K-12 sector is increasingly becoming a prime target for attack. And, as the report put it, “while policymakers and school leaders have historically demonstrated a reasonable duty of care in protecting members of their school communities from physical security risks, natural disasters, and extreme weather events…such a commitment has heretofore largely been absent with respect to school-related cybersecurity risk.”

Given that the IT departments and cybersecurity budgets in most districts and schools pale significantly in comparison to those of a typical SMB, this is hardly surprising.

It’s critical that the industry overhaul the traditional approach to K-12 cybersecurity to ensure the strongest defense possible in today’s evolving threat landscape. With that in mind, following are some of the sector’s chief security threats—and what can be done to overcome them.

  • Digitization: COVID-19 brought many changes to the education sector, and it’s likely some of these will remain even after life returns to normal. One prime example here is the uptick in tablets, Chromebooks, and other devices that enable students to access remote instruction and digital learning tools. These devices were certainly indispensable at the height of remote learning. However, they’ve also proven their value by allowing schools to remain in (virtual) session during inclement weather or other scenarios that would typically have resulted in a day off. In addition, the greater flexibility afforded by devices means that students can minimize the amount of time lost due to routine appointments such as dental exams. As such, this blending of digital and in-person instruction is likely here to stay.

The trend can easily introduce numerous vulnerabilities if cybersecurity is not a prime consideration in every digital learning strategy and policy. Forty-five percent of the disclosed incidents analyzed by the K12 Security Information Exchange report were due to malware, class and meeting invasions (such as the “Zoombombing” attacks that occurred in the early days of the pandemic), email invasion, and website and social media defacement. In other words, these are threats that will likely continue to arise if students are using connected devices.

To address this, it’s important to:

  • Ensure that students and staff have the least amount of access possible
  • Ensure all devices have the latest patches and/or updates
  • Scan devices for malware before they rejoin the school network

Another key consideration is ensuring that students and staff alike are aware of acceptable use policies, and are only accessing approved sites and applications when utilizing school-owned devices.

  • Password security: Poor password hygiene is a security problem in virtually every industry, and something that is likely to grow in tandem with increased digitization in the K-12 sector. Faced with creating credentials for multiple online accounts and services, staff and students alike are likely to use simple, easy-to-remember passwords, a practice that can easily introduce security vulnerabilities if the credentials have been exposed in a previous breach. As part of their renewed focus on cybersecurity, it’s important that schools are cognizant of this threat and investigate password auditing solutions that can mitigate the risk.
  • Phishing and ransomware: Ransomware–a type of malware that encrypts users’ files and demands a ransom to restore access–is on the rise in the K-12 sector. In addition, the extortion demands have significantly increased, far exceeding $1 million per incident, according to evidence cited in the nonprofit report. On top of the potential financial repercussions, ransomware wreaks havoc in the form of school closures and class cancelations.

While there are a number of methods hackers can use to stage a ransomware attack, phishing is among the most common. Therefore, it’s important that school administrators are vigilant for phishing scams and encourage staff and the greater school community to be on the lookout for these fraudulent schemes. It’s also critical that schools have a plan for how they would respond should they be hit with a ransomware campaign. For example:

  • How are accounts and data backed up?
  • How long will it take to restore them?
  • How is this backup protected to ensure it won’t also be compromised in a ransomware attack?

Determining the answers to these and other questions before an attack occurs can make a vast difference in how quickly the school or district is able to recover from a ransomware campaign.

  • Limited resources: As mentioned above, the typical K-12 IT team is incredibly small and was already juggling competing priorities long before the pandemic further upended things. One important step for tightening up cybersecurity with these limited resources is to outsource as much of the security upkeep as possible. By availing themselves of reputable cloud services to host file servers, email servers, and other IT infrastructure, schools and districts can reduce much of the heavy lifting associated with securing their systems.

In addition, this approach frees up resources and helps people allocate more time to staying abreast of the evolving threat landscape–training staff on security best practices, ensuring that student devices are scanned for malware and regularly updated and patched, and continually educating the school community on their role in protecting sensitive data from falling into hackers’ hands.

It’s clear that the education sector is an attractive target for attack, and unfortunately the pandemic has only served to increase the risks for schools and their communities. Perhaps the K12 Security Information Exchange report put it best when it warned: “There is no time to waste.” The education industry must act now to overhaul the traditional approach to cybersecurity, before it’s too late.
