Mitigating DDoS Attacks to Reduce Testing Outages

DDoS attacks are regularly launched on school systems to expose student records and hold information hostage. More often, DDoS attacks cause testing outages. Gary Bryant, technology coordinator at Augusta County Public Schools, shares his experience with a DDoS attack that threatened the district's technology center and impacted its online testing systems in a way that could have proved catastrophic.

Distributed Denial-of-Service (DDoS) attacks are on the rise. According to the most recent State of the Internet – Security Report, prepared by Akamai Technologies, DDoS attacks have doubled year over year for the last three quarters.

DDoS Attacks at School
DDoS attacks are generally perceived as less harmful than other cyber attacks, but they can be just as damaging; DDoS attacks just cause a different type of damage.  

They are regularly launched on school systems to expose student records and hold information hostage. More often, DDoS attacks cause testing outages.

What is a DDoS attack?

DDoS attacks are attempts to make a computer resource or network unavailable to users. The targeted system becomes overwhelmed with massive amounts of unsolicited data or traffic and either becomes unusable or crashes completely. Groups of computer criminals use DDoS attacks as a means of extortion, to gain media attention and notoriety from peer groups, or to damage reputations and cause service disruptions in a number of industries. DDoS attacks are also often used as a distraction when other, more serious, attacks are occurring, such as data exfiltration. In addition, DDoS attacks are popular for acts of hactivism, which are becoming more common.

This was seen recently when the Minnesota Department of Education twice temporarily suspended its comprehensive assessments when a DDoS attack created problems for students logging into the testing system. And it happened to us earlier this year.

Under Attack
Augusta County Public Schools, located in in the Shenandoah Valley on the western edge of the Commonweatlh of Virginia, was struck by a DDoS attack.

In late February, a UDP flood from a botnet completely swamped our school system's inbound network pipe. This attack threatened our technology center, which is responsible for providing and maintaining just under 7,500 devices across the county's 20 elementary, middle and high schools, as well as maintaining a Web presence for the school system.

It impacted our ability to satisfy government mandates for online testing systems, which require that we ensure uninterrupted access to Standards of Learning (SOL) information and testing hosted by the Virginia Department of Education. 

Gary Bryant

Gary Bryant

In an attempt to minimize damage, our Internet service provider throttled bandwidth to the school system's site. However, this caused the network to experience sluggish performance and prevented access to key applications, information and links, including those associated with SOL.

While the inability to access e-mail and other applications was inconvenient for the district's staff, the unavailability of the online SOL testing was potentially catastrophic. Students take the SOL tests only two times per year, and the results affect their grade promotions and graduations.

Attempting to protect IP addresses and mitigating the attack quickly became a game of whack-a-mole for our Technology Center. Throughout the month following the initial attack, every time we changed our public address the attackers shifted in response.

We couldn't black hole all 254 addresses, so we needed to find a third-party solution that would allow us to mitigate the DDoS attacks while maintaining the availability of critical learning tools and resources.

We turned to Akamai Technologies' Prolexic Routed solution, a cloud-based service, to successfully resolve the attack. The solution routed the school system's inbound traffic to the nearest Prolexic scrubbing center, where proprietary filtering techniques, routing and anti-DDoS hardware devices removed botnet traffic close to the source; clean traffic was then routed back to the school system's network.

Technology Center servers

Technology Center servers

The attack was a wake-up call for our school system and it drove home the fact that schools are quite vulnerable to sophisticated threats that can be launched by anyone for very little money.

Access to information, applications and tests, as well as securing private information, is critical in maintaining a functioning and progressive school system. A sound IT security strategy must include ample defense measures against threats posed by cyber criminals.

Steps including practicing good web-application hygiene can eliminate many application-layer vulnerabilities. A proactive approach to security will also protect against unexpected costs. For example, research indicates that outage costs associated with a DDoS attack can cost an Internet-reliant organization $1 million before mitigation even begins.

While other attack strategies might garner more attention, there is every indication that DDoS attacks will continue to rise. Schools will be well served to take the necessary steps to minimize their risks as much as possible. Hopefully other counties can learn from our experience and avoid the catastrophic results of an attack, or prevent one from occurring in the first place.

About the Author

Gary Bryant is technology coordinator at Augusta County Public Schools, which serves students in 23 schools in Virginia.

Featured

  • horizontal stack of U.S. dollar bills breaking in half

    ED Abruptly Cancels ESSER Funding Extensions

    The Department of Education has moved to close the door on COVID relief funding for schools, declaring that "extending deadlines for COVID-related grants, which are in fact taxpayer funds, years after the COVID pandemic ended is not consistent with the Department’s priorities and thus not a worthwhile exercise of its discretion."

  • illustration of a human head with a glowing neural network in the brain, connected to tech icons on a cool blue-gray background

    Meta Introduces Stand-Alone AI App

    Meta Platforms has launched a stand-alone artificial intelligence app built on its proprietary Llama 4 model, intensifying the competitive race in generative AI alongside OpenAI, Google, Anthropic, and xAI.

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.

  • robot waving

    Copilot Updates Aim to Personalize AI

    Microsoft has introduced a range of updates to its Copilot platform, marking a new phase in its effort to deliver what it calls a "true AI companion" that adapts to individual users' needs, preferences and routines.