Resourceful hackers are taking advantage of the ongoing COVID-19 pandemic to exploit vulnerabilities in K-12 school districts.

School districts across the country have a lot on their plates right now, and it’s likely that most district leaders are far more focused on weathering the current storm than on averting future disasters. Unfortunately, bad actors are all too aware of this ongoing distraction — and they’re wasting no time in taking advantage.

The novel coronavirus pandemic has undoubtedly given cybercriminals more opportunities to strike across industries, from healthcare to financial services. As organizational leaders shift operations online to slow the spread of the virus, hackers have inevitably swooped in. Large-scale data breaches increased 273 percent in the first quarter of 2020 compared to the same time last year, resulting in devastating costs for the affected organizations. 

As the school year revs up, there’s no reason to believe that school districts won’t become targets for similar attacks. On the contrary, there’s substantial evidence to indicate that a variety of factors make school districts particularly vulnerable to cyberattacks.

Cyberattacks on School Districts Are Increasing

In 2019, the number of publicly disclosed cyberattacks on U.S. K-12 schools tripled from 2018 to a total of 348, according to a report from the K-12 Cybersecurity Resource Center. The Center suggests that schools’ increasing reliance on technology for everything from operations to instruction was at least partly to blame for this uptick in cybercrime.

Unfortunately, thanks to the coronavirus pandemic, schools are now more reliant on technology than ever before, and the speed with which educators have had to become accustomed to new tools leaves them especially vulnerable. Bad actors were poised and ready to exploit these vulnerabilities — Microsoft Security Intelligence found that, of the nearly 7.7 million enterprise malware incidences between May and June of 2020, 61 percent came from the education sector.

That means education is currently the single-most targeted industry — so targeted, in fact, that the FBI released a warning at the end of June advising K-12 schools to increase their cybersecurity measures. The FBI warned, “Cyber actors are likely to increase targeting of K-12 schools during the COVID-19 pandemic because they represent an opportunistic target as more of these institutions transition to distance learning.” 

How Cybercriminals Attack Schools 

The most common cyberattacks on schools are data breaches, which comprise about 31 percent of school cybersecurity incidents. Because schools house substantial quantities of sensitive data, including students’ and staff members’ names, addresses, and social security numbers, they’re often a valuable target for breaches. Malware and phishing attacks are the next most common attack, and can result in loss of data or costly ransom demands.

Unfortunately, most school districts are utterly unprepared to defend against any kind of skillful cyberattack — which is exactly what bad actors are hoping for. Few districts have more than one or two IT personnel on staff, much less an experienced cybersecurity team. And, as schools increasingly shift to a virtual or hybrid model, those IT personnel likely have their attention directed elsewhere.

Managing educational technology is no easy task in light of these new threats and vulnerabilities, and your district shouldn’t have to do it alone. Vinson Managed Services can offer you the IT resources you need to manage both new and existing technologies — all while keeping student and staff data safe and secure. As experienced leaders that specialize in K-12 technology, we want to offer the operational support to get you through the current circumstances, as well as the strategic guidance to help you thrive beyond the pandemic. To learn more about Vinson Managed Services, contact us today.