Ransomware continues to be the biggest issue for most K-12 school districts across the country, according to Doug Levin, co-founder and national director of the K12 Security Information Exchange.
“If I were to pick one incident that is most troubling and keeps most K-12 IT leaders up at night that would be ransomware. There is no question that since 2019 ransomware actors have been targeting the K-12 sector,” Levin said at a May 18 virtual event hosted by GovExec.
According to Levin, ransomware was the number one issue that schools dealt with in 2021 as staggering numbers of attacks have increased.
A recent report from the K12 Security Information Exchange found that ransomware attacks were the most frequently disclosed incident type in 2021, with 62 instances of U.S. public K-12 school districts being victimized by ransomware. However, the report noted the actual number is “surely bleaker,” emphasizing the need for more and better information sharing about K-12 cyber incidents.
With the rise of online classes during the coronavirus pandemic, school systems became a lucrative target for ransomware actors to attack.
Bhargav Vyas, assistant superintendent for compliance and information systems at the Monroe-Woodbury Central School District, explained how these attacks have evolved to be more effective.
“The social engineering attacks that we have been seeing have ramped up,” Vyas said. “It used to be very simple with emails, now they are posing as someone in HR asking for vaccination information of students.”