Cyberattacks are now a daily threat to K-12 schools, and the problem may worsen as educators rely more on technology for teaching and learning, and as hackers become more sophisticated.
As per the K12 Security Information Exchange, a nonprofit dedicated to assisting schools in preventing cyberattacks, there have been over 1,330 publicly disclosed attacks since 2016, when the organization began tracking these incidents. Hackers have targeted municipalities of all sizes.
Most notably, two central districts—Los Angeles Unified and New York City—will face cybersecurity challenges in 2022. Experts say that if the largest districts can be affected, anyone can. Smaller districts are especially vulnerable because they frequently lack the cybersecurity resources required to protect themselves.
Cyberattacks are costly to school districts. According to a recent GAO report, districts lose three to three weeks of instructional time on average after an attack, and recovery time can range from two to nine months. To prevent unnecessary costs, districts should ensure that their networks are secure.
Education Week has extensive coverage on what to do if your school or district is the victim of a cyberattack, as well as how to prevent attacks. Here is an accumulation of articles and videos on this topic published by Education Week that you can use to tackle this challenge.
Guidance from the FBI and the Cybersecurity and Infrastructure Security Agency discourages paying the ransom because it doesn't guarantee that the data hackers are holding ransom will be decrypted or that the systems will no longer be compromised. Despite this advice, the decision of whether or not to pay a ransom can be complicated.
Two district leaders also spoke with Education Week about how they handled the aftermath of a ransomware attack that shut down schools for two days. There is no magic formula that will entirely protect districts from cyberattacks, but there are steps that can be taken to mitigate the risks. In this special report, K-12 technology leaders and experts offer recommendations on how to prevent these incidents, particularly with the emergence of school-issued devices, as well as what districts' top cybersecurity priorities should be.
Student data privacy concerns a wide range of issues, from students' smartphones to classroom applications discovered and adopted by teachers, to district-level data systems, to state testing programmes. Experts offer their perspectives on why schools struggle to protect student data.
