Expert advice to protect schools and students from ransomware attacks

Schools closed 2.5 days on average in ransomware attacks in 2022
Ransomware attacks against educational institutions are on the rise.
Published: Sep. 28, 2023 at 11:29 AM MDT
Email This Link
Share on Pinterest
Share on LinkedIn

(InvestigateTV) — Around 14% of parents reported being affected by a ransomware attack at their child’s school in 2022, according to cyber security company Kaspersky.

A ransomware attack is when hackers lock up a school district’s computer network and hold it ransom for a payout. In attacks last year, districts paid on average $887,000 just to get access to their data again.

Victimized schools are often disrupted and sometimes are forced to temporarily close.

Kurt Baumgartner, a principal security researcher for Kaspersky, said ransomware attacks are on the rise because school systems have paid out in the past.

“So, they’ll pay a lot of money to these groups to decrypt everything and get everything up and running if they don’t have appropriate backups of days or if they just don’t want their administrative emails and communications leaked to the public,” Baumgartner said.

To combat ransomware attacks, the Biden Administration is promising a new investment in K-12 cyber security. Baumgartner encouraged all local school districts to seek grant money and training opportunities.

He said teachers and parents can also practice basic safety measures to help keep the ransomware attackers from targeting their schools.

“Basic security practices and basic hygiene goes a long way as far as, you know, teachers and administrators not falling for phishing emails,” Baumgartner advised. “But again, two factor authentication would really help with that problem.”

In a perfect world, Baumgartner would love to see schools invest in biometrics like thumbprints for student logins.

He urged parents and PTAs to discuss cyber security and hold their school districts accountable.

The Department of Education (DOE) has information and resources on cybersecurity for K-12 institutions.