Schools don’t have great cybersecurity, and hackers have caught on : NPR

Scott Elder has a pretty typical morning routine. He wakes up at 7 a.m., drinks coffee and feeds the dogs, Bella (a rat terrier) and Spencer (a Chihuahua). But on Jan. 12, 2022, Elder’s routine was interrupted by a concerning phone call.

Elder is the superintendent of Albuquerque Public Schools in New Mexico, and the call came from his district’s IT department, saying they had found some sort of computer virus.

He recalls thinking, “Oh, we’ve got a bug in the system and they found it so they’ll just kill it and we’ll be done, right?”

The bug was in the student records system. So Elder’s IT staff shut that network down. But that meant teachers wouldn’t have access to basic information about the almost 70,000 students enrolled in New Mexico’s largest school district. Educators couldn’t take attendance, wouldn’t know children’s bus routes and were locked out of grading systems.

Meanwhile, IT staff was desperately trying to figure out whether the computer virus had spread to their health records, security system and payroll.

Over the course of the morning, Elder began to understand the enormity of the situation.

“I would say that I went from mildly disturbed at 7 a.m., to very concerned by 9 a.m., to sick to my stomach by noon because I was beginning to realize that this was not a one-day event, that we had a real problem.”

Then came the ransom demand for more than a million dollars.

School systems of every size have been hit by cyberattacks, from urban districts like Los Angeles and Atlanta, to rural districts in Pennsylvania and Illinois. And the problem has been growing.

While it’s hard to know exactly how many K-12 school systems have been targeted by hackers, an analysis by the cyber security firm Emsisoft estimates that 45 school districts were attacked in 2022. In 2023, Emsisoft found that number more than doubled, to 108.

“The education sector has been and continues to be very heavily…