Cyber Attacks In Schools On The Rise: Here’s What Can Be Done To Counter Growing Threats

U.S. public schools have seen a sharp increase in the number of cyber-related attacks over recent years, with cybercriminals now attacking school networks to extort vast amounts of sensitive student-related data. 

There has been a 393 percent increase in the number of ransomware attacks on K-12 schools between 2016 and 2023. The number has grown from 14 reported attacks in 2016 to more than 69 by 2022, according to data compiled by K12 Security Information Exchange, known as K12 Six, a nonprofit organization that promotes the protection and safety of students against cyber threats. 

This year there has been a similar trend taking place across school districts, with 85 ransomware attacks reported by schools between January and October 2024. Cyber attacks are not only becoming a costly threat, costing $548,185 per day in downtime but both students and teachers are losing valuable classroom time as these attacks become more frequent. 

Last year, the education sector lost 12.6 school days due to ransomware attacks, a steady, but noticeable increase from 8.7 days of downtime in 2021, a report from Comparitech found. 

Cyber-related incidents have become a worrying threat for educators and school district officials looking to curb widespread attacks. Keeping students safe, and protecting valuable data is a shared responsibility between students, teachers, and school administrators. 

Cyber Vulnerabilities In Schools 

Unlike corporate entities such as banks or publically-traded companies, government offices, and state or federal agencies, schools collect a range of private, and highly sensitive information on students. This information is often provided by parents and is used for educational purposes, such as creating more tailored learning programs or in-class settings. 

Sensitive Student Data 

Nowadays, schools will collect an assortment of personal details on students and their parents. The type of information, and how this information is put to use will vary across schools and districts.

In many cases, schools will hold data related to a student’s religious, ethnic, cultural, and health orientation. There are also schools that may require parents to provide students’ immigration status and may include sensitive data such as Social Security Numbers. 

Outdated legacy systems 

Many schools do not have the financial resources to replace legacy computer and security infrastructure systems. In many instances, schools often have to rely on outdated Information Technology (IT) systems and support.  

Not only do legacy technologies make it easier for hackers to access privately held data, but these outdated systems can create setbacks among classrooms, and create siloed outcomes, which can create ineffective communication and collaboration between students and teachers. 

Digital illiteracy 

Many American students do not have access to the proper resources or training to assist them in using various IT systems effectively. In fact, around one in three Americans are at risk of being left behind in the 21st century due to a high level of digital illiteracy. 

Lack of funding, improper planning, and inadequate policies have created roadblocks for students and educators. These shortcomings are not only costing the economy but in return could place some students at risk of exposing themselves online or allowing an avenue for malicious online activity. 

Sophisticated threats 

Not only have the number of threats targeting public schools been on the rise, but cyberattacks have become more complex as cybercriminals look for sophisticated methods to infiltrate digital systems. 

Over a period of 60 days in 2024, more than 650,000 records from several educational institutions were hacked and leaked onto the internet. Digital attacks have become increasingly widespread as the availability of internet networks, and other digital tools are more readily supplied to students and at various educational institutions. 

Insufficient security systems 

In some parts of the country, school districts are often the biggest employers, collecting not only important information on students, but on educators and support personnel. Insufficient cyber security systems and infrastructure are an invitation for hackers to access this information. 

Improper cybersecurity is not only costing school districts more each year but students and educators are losing time away from their classrooms. In some districts, it can take up to three weeks for classes to resume as normal following a cyber attack. On the longer end, some districts may take up to nine months to resume classes as normal following an attack, according to a 2022 U.S. Government Accountability Office report.

What Can Be Done?

The digital classroom is here to stay for the foreseeable future. Internet-based learning ensures that students have the necessary tools to navigate the digital economy. However, providing students with these resources requires the appropriate intervention to ensure their safety and the protection of sensitive data online. 

Routine IT audit

In order for schools to ensure that they have the appropriate cybersecurity infrastructure in place, routine IT audits are necessary to uncover any potential vulnerabilities that may be present in their current systems. 

These audits act as a gateway to understanding where they may have shortcomings, and what schools need to do to deter possible threats or hackers. The audit process can help equip school leaders and educators with the appropriate tools, resources, and insight into detecting possible threats, and how to develop a forward-looking plan should an attack take place. 

Cybersecurity policy 

Along with conducting routine audits, schools will need to work alongside parents, the school district, faculty members, and educational personnel to develop and establish a cybersecurity policy that meets the needs of the school and more importantly, the students. 

Creating a cybersecurity policy will help to outline what assets the school is trying to protect, and what possible threats may be lurking underneath the surface. In addition to this, these policies will help act as a blueprint for understanding new threats, and how a school can implement the necessary processes for navigating possible cyber attacks.

Vulnerability testing 

The main outcome of an IT audit is to discover any vulnerabilities that may be present within a current IT system. Testing these vulnerabilities will help provide more indication on whether current cyber security infrastructure is an adequate solution, or if further investment is necessary to improve these systems. 

Testing for vulnerabilities shows that a school is already aware of where they may have weak spots, and in turn, allows them to focus on resolving these critical issues before they become bigger problems down the line. Vulnerability testing ensures that resources are being allocated to the most relevant digital needs of the school. 

Establish a resolution strategy

Budgetary constraints often lead to many shortcomings, and this can place a great deal of pressure on schools that do not have the appropriate resources to deter possible cyber-attacks and threats. 

Schools need to ensure that along with implementing a cybersecurity policy, they have a necessary resolution strategy at hand should an attack take place. This strategy should help educators and school leaders navigate through the complex process of dealing with cyber attackers, and what they can do to mitigate the possible threat to students' and teachers' personal information. 

A resolution strategy should have clear guidelines on what educators should do in the event of a cyber attack. These guidelines should also include how the school will communicate the incident to parents and affiliates. A resolution strategy should be the blueprint for what to do when everything has gone wrong. 

Use data encryption 

Schools will need to apply the necessary data encryption as part of their safety net. Data encryption can help in the event of a cyber attack, safeguarding personal information, and allowing more time to find a workable resolution. 

More than this, data encryption plays an important role in keeping students and faculty safe during off-campus activities. What this means is that personal information is being protected even during times when students are not using the wifi network provided by the school or institution. 

In order to protect vulnerable students, schools should promote more cross-functional cybersecurity infrastructure. This means that students and personnel are not only protected at school, but safety protocols stretch beyond these limitations. 

Password protection policy 

Using a strong password on digital devices such as computers and tablets is considered a frontline defense against restricting unauthorized access to any information that may be available on these devices. 

In an educational environment, learners and educators should be encouraged to regularly update their passwords. On top of this, users should follow the guidelines of the school or district’s password policy, which should include guidelines on how to set up a strong password, and what characteristics to include. 

Weak passwords aren’t an isolated issue, and globally around 75 percent of people, or at least three in four internet users do not adhere to password best practices. Encouraging students and teachers to regularly change their passwords can assist in deterring bad actors. 

Invest in learning opportunities

Having the right resources can make all the difference. For K-12 schools it’s important to consider how well students are equipped with the knowledge to use digital devices safely. Investing in the appropriate learning opportunities will ensure that all students will have a firm understanding of digital safety from a young age. 

These are not only valuable skills but are becoming increasingly desirable across an array of study and employment settings. Investing in students' digital skills will create a stronger force that hackers will need to counter, which could in turn help reduce the number of cyber threats or attack-related incidents. 

Cybercrime In Education: A Continuous Learning Process 

Minimizing the risk of cyber attacks, and reducing the number of these incidents among schools requires a collaborative approach that could in turn deliver more sophisticated solutions. 

Schools are under attack, and each day students and educators are being placed under direct threat of cyber criminals. The issue at hand is not having these attacks occur on public grounds, but rather insufficient investment in developing strategies and solutions for countering cybercrime. 

Solutions begin with schools and students, equipping learners and educators with the skills to safely navigate the digital landscape. Through proper oversight, and policy implementation can minimize the threat of cyber criminals, reduce the cost of resolving these attacks, and safeguard highly sensitive data.

(Disclaimer: Devdiscourse's journalists were not involved in the production of this article. The facts and opinions appearing in the article do not reflect the views of Devdiscourse and Devdiscourse does not claim any responsibility for the same.)