Cyberattacks in School Districts

Since 2016, there have been 855 cyber incidents publicly disclosed by U.S. schools and districts, according to data from the K–12 Cybersecurity Resource Center. There were 348 in 2019 alone, nearly three times the number in 2018. With the increased use of technology for teaching, learning and continuing school operations in today’s remote environment, schools have also become more vulnerable to cyberattacks.

PHISHINGThe most common threat is social engineering attacks, which includes phishing. Phishing is a tactic scammers use to trick users into giving them confidential information such as passwords and network credentials or installing malicious software through fraudulent downloads or attachments. Campaigns run the gamut from impersonating government agencies asking for bank account information to issue stimulus checks to fake businesses pretending to sell personal protective equipment.

RANSOMEWARE ATTACKS – Ransomware attacks, which involve bad actors encrypting data files and systems through malicious software and requiring districts to pay a ransom to regain access, are also another huge threat to school districts. These attacks are particularly challenging in a remote environment because a lot of systems aren’t necessarily set up to be automatically patched once they’re off the network.

EXPLOITATIONCyberattacks also exploit open Remote Desktop Protocol (RDP) ports and Server Message Block (SMB), a protocol used for file sharing and access to remote services, to spread malware like wildfire. Users accessing blocked websites has become a bigger challenge with everyone working remotely.

It’s not often that the technology fails. It’s individuals behaving in ways that put an organization at risk by not using a complex password, or showing reluctance to using multifactor authentication. Educating users is important, especially with looming budget cuts that may affect spending on security improvements such as firewall upgrades and higher-level endpoint protection. Training needs to be ongoing and should include everyone in a district.

Are you interested in learning more on how an MSP could help your organization stay safe? Give us a call at 678-389-6200 or visit

Sources: K–12 Cybersecurity Resource Center