School & District Management

Five Hundred Schools Have Been Hit by Ransomware in 2019, Report Finds

By Alyson Klein — October 03, 2019 1 min read
  • Save to favorites
  • Print

The Mobile County School District in Alabama. Guthrie Public Schools in Oklahoma. Pennsylvania’s Wyoming Area School District.

What do they all have in common? They are among the 500 schools that have been victimized by ransomware so far this year, according to a recent report from the Armor Threat Intelligence Briefing. What’s more, 15 districts were hit in the last two weeks of September, just as the new school year was rolling out.

That’s a big uptick from 2018, according to a statistics from the K-12 Cybersecurity Resource Center. K-12 schools experienced 119 cyber incidents in 2018 and only about 10 percent involved ransomware.

Ransomware, in which hackers seize a school’s data and may demand money for releasing it, can lead to major interruptions for schools.

Case-in-point: Over the summer, two school districts on New York’s Long Island—Rockville Center and Mineola—were held hostage. Rockville Center paid $88,000—more than many teachers’ annual salaries—to release the data. Mineola had a back-up server that wasn’t compromised by the attack.

Connecticut had seven school districts that were the victims of ransomware attacks so far this year. That translates to 104 individual schools, the most of any state, the report found. And at least two school districts&mdah;Monroe-Woodbury in Central Valley, N.Y. and the Flagstaff Unified School District—delayed the start of the school year because of ransomware attacks, the report found.

What’s more, in July, Louisiana Gov. John Bel Edwards issued a state of emergency due to ransomware and malware attacks against several local schools. That step made state resources available to districts, including the Louisiana National Guard, the state police, and the state’s office of technology services.

And last month, the U.S. Senate passed the “DHS Cyber Hunt and Incident Response Teams Act” , which would authorize the Department of Homeland Security to help state and local governments, and school districts respond to cyber threats and restore infrastructure after an attack. Similar legislation has already passed the U.S. House of Representatives.

Related Tags:

A version of this news article first appeared in the Digital Education blog.