New Report Uncovers Cybersecurity Challenges Facing K-12 Schools

/in


A tour through the busy halls and classrooms of our K-12 public schools would not reveal any clues to the underlying threat they face daily from cyber threat actors intent on disrupting the digital safety and security of students, staff, and their data. K-12 schools have emerged in the past several years as one of the most frequently targeted of our public institutions in the United States. While the hardworking IT and cyber professionals in this sector have made great strides in applying effective cyber defenses, more can be done. The Multi-State Information Sharing and Analysis Center (MS-ISAC) produced our first K-12 Report as a way for K-12 leaders to better understand their cyber risk and take decisive actions to mitigate it.

At the MS-ISAC, we have a unique vantage point to view the cybersecurity challenges and threats faced by various critical infrastructure sectors among state and local governments in the U.S. We manage the largest cyber threat database on U.S. State, Local, Tribal, and Territorial (SLTT) governments, informed by telemetry from thousands of sensors deployed across SLTT networks, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and more than 200 threat intelligence sources. We process more than 100 petabytes of data each month – the equivalent of two billion four-drawer filing cabinets full of information related to the cybersecurity of state and local governments. While our more than 3,700 K-12 school and district members are among the most highly targeted, they are also among the most active segment of our 14,000 organizational members in the MS-ISAC. Given the cyber threat they face, they have to be.

The cybersecurity threat to K-12 schools is persistent, and the potential harm of cyber attacks threatens both the vital work of our education system and the data security of an entire generation of young Americans. Ransomware remains the most impactful cybersecurity threat to K-12 schools, often resulting in significant financial loss and taking schools offline for days. Some K-12 ransomware attacks have taken months to fully remediate. Cyber threat actors’ demands seemed to have increased over time, with ransom demands exceeding…

Source…