Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label school closures. Show all posts

Rising Cybersecurity Threats: Ransomware Attacks Disrupt Tucson and Nantucket Schools

 

The Tucson Unified School District in Arizona and Nantucket Public Schools in Massachusetts, despite stark contrasts in size and location, both experienced ransomware attacks in early 2023. Tucson, serving around 42,000 students, operates within a major city, while Nantucket's district, with fewer than 2,000 students, is situated on a small island. 

On January 30 and 31, both districts were struck by cybercriminals using ransomware—a form of malware that locks access to critical systems until a ransom is paid. These attacks forced Nantucket schools to close and compromised sensitive data in Tucson.

According to K12 SIX, a nonprofit dedicated to cybersecurity in schools, ransomware incidents within K-12 education have surged in recent years, with around 325 attacks reported between April 2016 and November 2022. In the past year alone, nearly 85 additional incidents have targeted school networks. Data reveals that some districts have even faced ransomware multiple times within this period.

Roberto Rodriguez from the U.S. Department of Education estimates that five cybersecurity incidents hit K-12 schools every week, causing legal, financial, and operational disruptions, as well as emotional impacts on school communities. Experts also note that attacks often involve international criminals, raising national security concerns.

Amy McLaughlin of the Consortium for School Networking (CoSN) explains that K-12 schools are vulnerable because of inadequate cybersecurity resources despite holding extensive digital information, including personal and financial data. She emphasizes that these incidents are not just attacks on individual schools but on the fundamental concept of free public education in the United States.

New extortion tactics, such as dual or triple extortion, compound the issue. Here, criminals not only encrypt data but also threaten to release sensitive information publicly. This heightens risks for identity theft and other types of fraud affecting students, staff, and their families.

These escalating cyber threats have underscored the need for stronger cybersecurity protocols within K-12 education. Doug Levin of K12 SIX notes that the lack of preventive measures, like multifactor authentication, has left schools more exposed to cybercriminals, who primarily target schools for financial gain.