First Coronavirus, Now Ransomware's Closing Schools

Hackers are increasingly targeting schools around the country with ransomware, creating havoc for students and parents.

Public schools in Baltimore County, Maryland were closed recently after a cyberattack forced the district to cancel remote classes for its 115,000 students. Ransomware attacks are on the rise in many industries, including healthcare. Schools are particularly vulnerable to hackers, experts say.

"Shutting down schools creates all kinds of issues for a whole range of people—we saw how chaotic having schools shut down could be during COVID. Basically, what that means is that it becomes a critical, urgent issue that must be dealt with immediately," Lila Kee, chief product officer at internet certification company GlobalSign, said in an email interview. "And that sense of urgency is key. Additionally, many school districts don’t have a ton of additional funds laying around for cyber remediation, which means their best bet is often just to pay the ransom."

No Data, No School

The Baltimore County schools were hit before Thanksgiving by hackers. The attack encrypted the district’s data in a manner that prevented the schools from operating.

"This is a ransomware attack which encrypts data as it sits and does not access or remove it from our system," Jim Corns, the district’s executive director of information technology, told a news conference. "So we are engaging this as a ransomware attack."

Ransomware attacks are a growing problem, says Kee, and they're affecting a lot of industries shifting to remote work and putting more critical business functions online "It’s the holiday season in more ways than one for them right now," added Kee.

Last week, the U.S. Cybersecurity & Infrastructure Security Agency and the FBI warned about increased cyberattacks against schools, including ransomware attacks. In August and September, 57% of ransomware incidents involved K-12 schools, compared with 28% of all reported ransomware incidents from January through July.

Other school districts also are suffering from such attacks. On Monday, the school district in Weslaco, Texas announced that the FBI is investigating a ransomware attack against the district’s computers.

"We do not know the extent of the attack, and we are working to contain the threat," a statement from the district read. "School instruction may have been disrupted for some students this morning. The District has since made adjustments and online learning is now taking place."

Education Is an Easy Target for Hackers

Hackers target school districts because they are easy targets, experts say. Schools that have less sophisticated infrastructure to protect personal data and other sensitive information are particularly vulnerable to cyber crime, Nate Smolenski, the chief information security officer at Corvus Insurance, said in an email interview.

"Unfortunately, many schools fall into this category," he added. "The forced digital transformation brought about by the pandemic, and resultant shift to remote learning meant that appropriate controls were often missed, or system administrators for the collaboration tools schools now rely on may not have been properly trained to add the relevant security controls in these new platforms."

Schools need to boost their defensive measures, Torsten George, cybersecurity evangelist at the IT security company Centrify, said in an email interview.

"Added security would come from incorporating multi-factor authentication (MFA) wherever possible to secure sensitive documents and schoolwork residing in cloud accounts, and a password manager to ensure the use of complex passwords," he added. "With students and school staff using multiple logins across remote learning applications, video conferencing tools, email, storage accounts, and more, password managers help to create lengthy, unique passwords for each login and store them safely."

Students and parents are already struggling with the challenges of remote learning due to the coronavirus pandemic. Ransomware attacks are the last thing that schools need during these difficult times.