Why Our Schools Are Under Increasing Threat of Cyberattack
Over the past few weeks, we have reported how ransomware attacks on corporate America were increasing as attackers go “big game” hunting targeting the likes of Tesla and Garmin. Now as our kids start a new school year with varying levels of distance learning, school districts across the country are being hit by a wave of ransomware attacks. Hartford CT, Mitchell County NC, Haywood County NC, University of Utah, Ponca City Public Schools in Oklahoma and Somerset Berkley Regional High School in MA are a few of the schools and districts that have been recently attacked. A report published in April of this year by Armor, found that 94 school districts and colleges had publicly reported a ransomware attack and those attacks potentially impacted 1,150 schools nationwide in just the first three months of 2020.
Just as our risk of cybercrime increases as we move more of our daily lives online, our nation’s schools are seeing increasing cyber threats as education is pushed online. The software and technology required to enable distance learning is also introducing new potential threat vulnerabilities to our schools.
On the surface, it seems obvious why attackers would target large corporations with deep financial resources as an easy ransom target. But finding the reasons to target a school is a little more complex. Schools generally can’t quickly and easily payout a million-dollar ransom but there are other motivations for hackers to target schools.
Personally Identifiable Information (PII)
For identity thieves, PII has value regardless of its source and school IT systems can be a wealth of PII on both students and parents. Experian defines PII as:
Personally Identifiable Information (PII) is any piece of information meant to identify a specific individual. This often includes data such as a Social Security number, driver’s license number, financial accounts, email addresses, login credentials and passwords, addresses, phone numbers, and birth date.
This information is your unique identifier, singling you out among billions of others. PII connects you to every facet of your life: to the credit scores that allows you to purchase a home, the DMV so you can drive, and to your doctor’s office and your medical records.
The PII data stolen from schools have immediate value on the dark web as seen in the estimates below provided by Experian.
Schools and school districts can be relatively easy targets considering the amount of IT resources available and general lack of sophisticated security. Hackers often use IT resources from a previous attack to provide scale in subsequent attacks. In a Botnet attack, the hackers take over thousands or tens of thousands of computers to brute force their way into other systems or scour the web for the next victim. Schools can be a relatively easy target as attackers build out their server and network resources.
Boredom and Fame
Unfortunately, the tools required to perform these attacks are within easy reach for even the unsophisticated attacker. It is easier than ever for kids to engage in these attacks. The motivation for the young among us to engage in cybercrime can perhaps be for no other reason than boredom or to simply see if they can. Evidence of this can be found in the recent arrest of a 16-year-old accused of bringing down the Miami Dade County public schools. The teen is being charged with Computer Use in an Attempt to Defraud — a third-degree felony. His reasoning for the crime and level of understanding of the severity of the crime has yet to be determined.