Ransomware attacks on US K-12 schools

Cybercriminals are targeting schools with ransomware attacks, so what does that mean for parents and students?

Ransomware attacks on US K-12 schools

Children all across the country returned to in-person school this year, some for the very first time after starting their educational journeys remotely. With remote learning, technology in schools was front and center in the home, emphasizing just how much children are a part of the modern Internet.

While many schools had cybersecurity measures in place before the pandemic, they had to adjust as each student began taking computers home. Students were connecting into the schools from their own home Wi-Fi networks or external public networks where the security measures aren’t as strong and teachers and administrators can’t monitor their activity.

Unfortunately, more and more cybercriminals began targeting schools with ransomware attacks, knowing that they may be less likely to have fully-developed IT security operations or system backups. The abrupt transition to remote learning also disrupted how schools manage cybersecurity. With the move back to in-person learning, many schools may not have thought about how their IT security infrastructure might be impacted or what their back to school plan was.

Surveying the parents

According to government data, ransomware attacks on schools doubled to reach 57% of all ransomware incidents last fall, up from 28% over the prior spring and summer. When cybercriminals find a good target, you can bet they’re going to keep attacking. This May, we surveyed parents of school-aged children on their attitudes and experiences with cyberattacks on American schools and found that many parents were willing to have their schools pay ransoms. This illustrated the urgency among victims to return to “normal” as soon as possible and cybercriminals have been taking advantage of that.

New school year, new data

Now that we’re in a new school year with children back in the physical classroom, we reached out to parents again to see how many have experienced ransomware attacks on their children’s schools, how the attacks affected the victims and how the schools responded (full data here). So who’s getting hit and what does it mean for parents and students?

  • According to parents who said their school was attacked, 71% of schools paid the ransom, most frequently between $5-10K (14% of respondents) or in the $50-100K range (13%).
  • Parents with a child in middle school reported larger ransom payments, most often in the $50-100K range (18% of parents), than parents with a child in elementary or high school.
  • Parents with a child in a school with 501-1,000 pupils reported the heftiest ransom payments, with 15% in the $100K -$500K range.
  • Only 3.7% of parents who reported an attack said the school paid more than $1 million.

How many schools had to close because of the ransomware attack

The schools’ wallets weren’t the only thing impacted by the ransomware attacks though. The parents and students all felt the effect of these attacks, particularly when it came to the time it took schools to deal with them. Of the parents surveyed, 75% noted that their schools were forced to close for at least a day and many for up to a week, oftentimes requiring them to seek out costly childcare or take off time for work.

The students themselves can also be directly affected by ransomware attacks. According to the parents, 61% said their child’s data had been compromised. The compromised data can then be bought and sold on the dark web to be used in the future. Now more than ever, it’s important for schools to increase their cybersecurity efforts and have a plan in place in case of a ransomware attack.

How many schools did pay ransom to attackers

Schools can continue beefing up their security efforts by protecting any and all devices that connect to the Internet. It’s also never too early to start teaching students about the dangers of cybercrimes and how to respond to any dangers. While staff should also be trained, safe online practices should be ingrained in the digital generation’s mind. More data and resources can be found here.

Ransomware attacks on schools aren’t going to stop, so let’s all do our best to stay as safe and secure as possible.