According to an Armor report, at least 11 school districts in the country had been hit by a ransomware attack between October and December of 2019. These districts have at least 226 schools in total. The attacks led to massive losses, and affected third parties’ data. The following was also included in the report:
- As of January of 2019, 1039 schools in the US have been a target for cyber hackers.
- The numbers doubled between September and November.
- Both schools and educational institutions in 72 school districts have official reports of being victims of these types of attacks.
- Only one of the 11 school districts reported paid while three refused to pay the ransom. The other seven did not say if they had or had not followed through with any payments.
Another report by Emsisoft revealed that 86 education institutions and school districts had been affected in 2019 alone. These totals to 1224 separate schools in these districts.
Ransomware Effects on Schools
The most dominant targets for cyber attacks are users or organizations with data that have substantial value. The data is then stolen or used as leverage to acquire money… the most frequent victims being medical institutions, the local and city government, plus large companies. Schools are among this category, with recent reports showing an alarming increase. Small education institutions are not being left behind in this ransomware wave either.
A school’s database often has massive records of students, teachers, and other faculty staff members. Cyber attackers know that this is valuable information and losing this data could endanger an institution. Also, a school’s technology is used to run its daily operation, so there is no doubt that ransomware hacks will cause a disruption that affects thousands of people.
Another factor that tends to place schools at risk is the fact that they often operate on strict budgets. This means that understaffing is prevalent, especially when it comes to the IT department. Consequently, there is not enough money to invest in proper cybersecurity practices and develop prevention measures.
A good example is the Las Cruces Public Schools’ case. The cyberattack led to approximately 30,000 devices being shut down in 42 different schools. There was also a full hard drive wipe. The attack on Louisiana school districts led to a state of emergency declaration by the governor, John Edwards.
School’s with Recent Targets
- Chicopee Public Schools, MA
- Buxton Maine School Administrative District #6, ME
- Brookhaven Lincoln County, MS
- Livingston New Jersey School District, NJ
- Las Cruces Public Schools, NM
- San Bernardino City Unified School District, CA
- Dekalb Sycamore School District 427, IL
- Claremont Unified School District, CA
- Mishawaka Penn-Harris Madison School Corporation, IN
- Port Neche Grove Independent School District, TX
- Parkersburg Wood County Schools, West VA