Future of Learning

Schools prove soft targets for hackers

Cybersecurity is a growing concern as schools collect an increasing amount of data on students.

Sometimes Superintendent Steve Bradshaw has to close the schools in Columbia Falls, Montana because of snow. But he never thought he’d have to call off school because of an attack by the Dark Overlords. Then, in September 2017, students and staff across the district started receiving threatening text messages and emails.

“It was frightening,” he says. “They were saying that they wanted $150,000 worth of bitcoins.”

The Dark Overlords are a faceless group of hackers, most well known for hacking and trying to extort Netflix. They hadn’t attacked a school before.

Like big businesses, schools gather a lot of data. Unlike big businesses, they don’t have many IT and security resources to protect that information. Schools collect names and birth dates, social security numbers, discipline records and health records. With this data, thieves can create fake online identities, or sell the students’ information and identities.

Tara García Mathewson covers innovation and technology in education for The Hechinger Report. She says schools face a lot of cyberthreats.

“This is something that the education industry has been late to the table to,” she says.  “Schools are collecting more data now than they used to, and hackers are turning to schools as sources of data that’s worth stealing.”

EdTech Strategies, a cybersecurity consultancy that tracks incidents of cyberattacks at public K-12 schools, has recorded more than 320 attacks on schools since January 2016.

“Some K-12 districts are reporting probes from hackers and attempted attacks every few seconds, every single day,” García Mathewson says.

With the help of local police and the FBI, the Columbia Falls School District was able to regain control of its servers, and the Dark Overlords backed off from releasing the information they stole after they were paid $5,000. The school district didn’t pay the ransom, and it’s not clear who did.

Today, Columbia Falls has done what it can to improve cybersecurity, but Superintendent Steve Bradshaw still worries it’s not enough.

“We have created what we think is about as safe as we can afford to do,” he says. “I think any district in the country, in all honesty, could get hacked. These guys are so good at what they do. We think we’re one step ahead of them, but I don’t think we are.”

On this episode of the podcast, we’re talking about cyberthreats at schools, and the struggle to keep student data safe.

Letters

Letters to the Editor

Send us your thoughts

At The Hechinger Report, we publish thoughtful letters from readers that contribute to the ongoing discussion about the education topics we cover. Please read our guidelines for more information.

By submitting your name, you grant us permission to publish it with your letter. We will never publish your email. You must fill out all fields to submit a letter.





No letters have been published at this time.