How K-12 IT leaders can protect schools from ransomware

Cyberattacks on public schools are becoming more common and more severe every year. Between 2020 and 2021, more than 56 percent of K-12 education organizations suffered ransomware attacks with an average cost of $268,000.

Most recently, an attack on the LA Unified School District in September 2022 conducted by the Russian hacking group Vice Society shut down access to emails, computer systems, and applications for more than half a million users. Before that, a ransomware attack on the school system in Buffalo, NY cost the state more than $10 million in damages.

How can these K-12 school districts defend themselves from these ransomware attacks? And why are they being targeted so frequently?

The Problem

Part of the reason attackers target school districts is simply size–K-12 public schools are a $760 billion sector serving more than 50 million students at more than 100,000 schools across the United States, making them an available and tempting target. The other part of the reason is that public school districts have unique security challenges. With limited budgets and the continued use of legacy security systems, school districts are often unprepared for incoming ransomware attacks.

Other factors that contribute to this lack of preparation include:

Reduced Budgets & Lack of Hiring: School districts have limited IT and security resources due to constricted budgets. This lack of investment in security resources requires small teams to protect very large, complex environments. School districts also often can’t compete with salaries offered by the companies in the private sector, so hiring experienced professionals can be difficult for districts that don’t have large budgets.
Open environments and ever-changing users. School districts must keep their environments relatively open so students and teachers can access the system resources, applications, tools, and research from any type of device. Corporations can enforce stricter access rules, which makes security easier.
Overly complicated tools: With limited resources and teams, more complicated security tools and manual legwork make life especially difficult for school districts. They need usability and simplicity.

The Solution

All of these issues mean that school districts must do more with the few resources they are given. To compensate for this, they need security technology that fills in these gaps. It must be good at catching ransomware while also reducing the workload on IT teams. Many security products are designed to be used by a team of experts, and would actually create more work for a school district IT team.

To work well in a school district use case, security technology should be capable of the following:

Automatic Analysis: The system should be able to automate the collection, correlation and analyzing of infrastructure-wide data sources for indicators of compromise and reducing alerts. This reduces the workload of small, overburdened teams and allows them to be more efficient at their jobs.
Real Time Threat Detection: Advanced real-time threat detection based on a large set of included and constantly updated threat models and content is critical and provides faster identification of a ransomware, because they know they’ll be targeted.
Ability to Adapt: By using a security system that leverages machine learning technology, school districts can adapt to variants of attacks. Having the ability to detect and adapt to new attacks and variants by hacking groups targeting K-12 specifically ensures further security across school districts.
Delivery of Context: Delivery of simple, direct, and accurate context for validating the attack and eliminating false positives. Security teams won’t have the time or expertise for manual investigation
Generating Risk Scores: Generated risk-driven and scored responses with supported workflows and case management for prioritizing and accelerating remediation efforts. Speed is essential for protecting against ransomware.

There’s no doubt that school districts have become a large target for ransomware attacks in recent years because of their limited security infrastructure and the amount of data, systems, and information they hold. Technology can help keep them safe, but only if it doesn’t create too much extra work for teams that are already stretched thin.

To better defend against ransomware, K-12 school districts should look for security technology that’s capable of protecting their systems, reducing the workload of limited security teams, and continuously adapting to new and incoming threats.

Author
Recent Posts

eSchool Media Contributors

Sanjay Raja, VP of Product Marketing and Solutions, Gurucul

Latest posts by eSchool Media Contributors (see all)

The pulse of K-12: How superintendents are taking on 2023’s biggest challenges - March 31, 2023
Students need freedom to develop critical skills with edtech - March 31, 2023
4 steps to avoid a ransomware attack - March 30, 2023

6 benefits of immersive learning with the metaverse

The metaverse is a tool that blends experiences typically associated with either the virtual or physical worlds. It can deliver greater immersive learning for students while also creating some new and exciting teaching opportunities. For educators, it is crucial to not only understand what the metaverse is and its uses within education but to also realize the benefits of immersive learning with the metaverse.

Building a Successful Certification Program at Your Institution

In a world where competition for jobs, pay increases, and academic success continues to increase, certifications offer hope to candidates and educators. Certification helps to build a skilled workforce that meets the needs of local employers and government tech initiatives.

Arkansas Department of Education Names Curriculum Associates’ Magnetic Reading™ Foundations an Approved English Language Arts Foundational Skills Program for Grades K–2

7 Mindsets Announces Formation of 7m Cares

New Mexico’s Aztec Municipal School District Renews Multiyear Partnership Driving Student Engagement in Science

TutorMe Partners With Snowline Joint Unified School District to Provide One-on-One Tutoring Support

Pennsylvania School Reports Student Growth in Mathematics Despite National Trends

Login