Many schools are implementing additional security measures this fall.
Some of the increased security measures are being put into place not just because of high profile school shootings, but because of other problems on campus.
For example, Alexandria City Public Schools in Virginia is one such school district implementing greater security measures. The more stringent school rules are being implemented in part due to a tragic and fatal stabbing that occurred off-campus in May during a fight involving dozens of students.
While physical security is important for obvious reasons, cybersecurity should complement physical security measures to fully protect students.
K-12 schools are responsible for training and educating our most valuable resource: our children. Security on all levels is critical for student health and well-being. Physical security is needed for obvious reasons, but the need for cybersecurity might not be so obvious on the surface. However, cybersecurity is also important for the well-being of the children at K-12 schools.
Each elementary, middle school, and high school student has a record. This personal record may contain a lot of confidential information. On a mundane level, the record will contain grades as well as home address and contact information. But school records can also contain behavioral notes, disciplinary actions, and private health data that may have been shared with the school.
If student data is stolen, a lot of bad things could potentially happen. For the school, a large ransomware bounty might be placed on the data That could run into the millions. But students are the ones who might suffer actual harm from such breaches. For example, let’s say a parent has relocated to a new school district to get away from an abusive spouse. If the student’s home address is leaked, that former spouse could come and kidnap the child.
Furthermore, schools are required to keep student data private according to various state and federal regulations. If schools are not following proper cybersecurity measures, they could be out of compliance and violating laws.
Here’s the bad news: ransomware attacks on K-12 schools are increasing.
In April 2021, Broward County Public Schools in Florida were hacked by the malware group Conti, and a $40 million ransom was demanded from the school district. The school district refused to pay the fee, and almost 26,000 stolen files were published online in retaliation.
Among those files were “750 employee mileage reports, 36 employee travel reimbursement forms, more than 700 invoices for spring water, more than 1,000 invoices for school construction work, about 400 payments to Broward Sheriff’s Office or local police departments for security, dozens of utility bills and several employee phone lists.”
Worse, one of the invoices included the name and birthday of a 9-year-old who was being assessed for a disability.
In July 2022, Mooresville Schools in Indiana experienced a cyberattack by the ransomware group BianLian. Unfortunately, around 4,200 student records were possibly breached, records that included names, addresses, and social security numbers.
Today’s students have enough stress on their plates. To have their private school records posted online for the world to see is a potentially embarrassing – and even worse, psychologically damaging – event that could set a child back in a terrible way. Worse, predators could use this private data to track or stalk children.
Thus, schools need to be just as vigilant with their cybersecurity as with their physical security. In many ways, the two go hand in hand, because lax cybersecurity could provide an opening for a hostile actor to gain access to school grounds.
Blue Technologies can protect your K-12 school from ransomware and cyberattacks with comprehensive Managed IT services. We will keep your networks secure with patch management, antivirus, security monitoring, and data backups. We will also proactively prepare your school for the worst through expert disaster recovery planning. Our managed technology services always include detailed reports about the status of networks and systems, including whether your school is maintaining compliance with all relevant regulations.
Protect your school – and its private student data – from hackers. Contact a Blue Technologies consultant and schedule a cybersecurity consultation today.