K-12 Cybersecurity Attacks Mounting

  • By Dian Schaffhauser
  • 11/01/19
cyber attacks on schools

Source: K-12 Cybersecurity Resource Center and Barracuda Networks

A study of data available from various security incident-tracking resources found that there have been 301 reported cybersecurity attacks against schools so far this year, compared to just 124 in 2018. However, that number would be much higher if it were possible to include other cases that "went either unreported or even undetected," according to security company Barracuda Networks, which released the analysis.

According to the company's security researchers, which examined data related to 721 incidents reported since January 2016 and tallied by the K-12 Cybersecurity Resource Center, the most common types of threats targeting schools fell into five categories:

  • Data breaches (31 percent);
  • Malware (23 percent);
  • Phishing (13 percent);
  • Network or school infrastructure hacks (10 percent); and
  • Denial-of-service attacks (4 percent).

Another 16 percent of security events involved accidental disclosure of data; and 3 percent were classified as "other."

Phishing was of special interest to the researchers as a type of security problem that often goes unreported by schools unless "an incident occurs as a result or the campaign is large enough to warrant attention." In the United States, the company noted, 5 percent of the phishing incidents reported to the Resource Center were W-2-related. Another area of concern: phishing that was intended to "scam" the school or district, which made up 4 percent of the total attacks and struck individuals or districts to the tune of thousands of dollars per incident.

Barracuda offered advice in its report:

  • First and foremost, invest the money to put a "full" perimeter security portfolio in place, including "network firewalls, web filters, e-mail protection and application firewalls."
  • Stay on top of internal security, such as intrusion detection, data backup and anti-malware programs, and especially keep up with security patches.
  • Adopt incident response functionality to help when a security incident takes place and to isolate and remediate the problems.
  • Finally, invest in "capable IT security staff" or put in place managed services that can deliver this expertise to the school or district.

The complete analysis is openly available on the Barracuda website.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • Boxlight Intros Unified Solution for Campus Communication, Instruction, and Safety

    Boxlight has announced the debut of FrontRow UNITY and FrontRow UNITY Campus, a product that unifies solutions for institutional technology, campus communication, classroom audio, and emergency notification and response into a single device.

  • landscape photo with an AI rubber stamp on top

    California AI Watermarking Bill Supported by OpenAI

    OpenAI, creator of ChatGPT, is backing a California bill that would require tech companies to label AI-generated content in the form of a digital "watermark." The proposed legislation, known as the "California Digital Content Provenance Standards" (AB 3211), aims to ensure transparency in digital media by identifying content created through artificial intelligence. This requirement would apply to a broad range of AI-generated material, from harmless memes to deepfakes that could be used to spread misinformation about political candidates.

  • NWEA Survey Tracks Progress of COVID Academic Recovery

    NWEA recently released the latest in a series of research reports studying the effects of the COVID-19 pandemic on learning and academic recovery, according to a news release. The report incorporates data from the 2023–24 school year, and the results indicate that learning loss, unfinished learning, and low achievement gains — especially among middle schoolers — continue to plague students.

  • human figures interacting with a tablet, surrounded by floating geometric maintenance icons and faint outlines of campus elements

    Miami-Dade County Public Schools Rolls Out Facilitron Facility Management Platform

    Miami-Dade County Public Schools (MDCPS) has announced a partnership with facility management systems provider Facilitron. MDCPS has about 350,000 students across 400 campuses and is the 19th Florida school district to use Facilitron’s platform.