Bill gives school districts resources to guard against cyberattacks
Courtesy
President Joe Biden signs S. 1917 The K-12 Cybersecurity Act of 2021, Friday. Oct. 8, 2021, in the Oval Office of the White House. (Official White House Photo by Adam Schultz)
Published Friday, Oct. 8, 2021 | 2 p.m.
Updated Friday, Oct. 8, 2021 | 3:36 p.m.
A hacker published Clark County School District records, including employee Social Security numbers and student names, addresses and grades, after a ransomware attack on the school system in August 2020.
The bipartisan K–12 Cybersecurity Act of 2021, signed into law today by President Joe Biden, will give resources to school districts to help them protect themselves against cyberattacks.
“This is what we do best when we come together,” said Sen. Jacky Rosen, D-Nev., who co-sponsored the bill following the attack on Clark County School District, the fifth largest school district in the United States. “It’s going to direct the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to do a deep dive to report on vulnerabilities in school districts across the country.”
The agency will study challenges schools face in keeping their information systems and sensitive student and employee records safe, the bill states.
“Cyber Security issues have affected public schools throughout the nation and CCSD works to make sure our students, their families, and district employees’ information is secure from cyber criminals,” the district said in a statement.
The criminal data breach against CCSD was “unacceptable,” Rosen said. After the district refused to pay a ransom, the hacker published the sensitive documents online.
Other vulnerable entities across the country also have become victims of ransomware attacks, which are happening more frequently, Rosen said. In such attacks, hackers lock up computer data and demand a ransom to release it.
In 2020, 1,681 schools, colleges and universities in the U.S. and 560 health care facilities were victims of ransomware attacks, according to the Emsisoft Malware Lab.
University Medical Center reported a hacking incident this summer that impacted about 1.3 million people. The victims’ driver’s license, Social…
