Business Security

Disruption, data theft and shutdowns in the education sector

Avast Business Team, 7 April 2021

With schools more dependent on technology than ever, cybersecurity gaps are getting bigger

For the nearly six million K-12 teachers and more than 56 million students in the U.S., it’s been a year like no other. First, there were stark, sudden changes to the learning model across every type of educational institution. Students from kindergarteners to doctoral candidates abruptly pivoted to distance and online learning as pandemic restrictions shuttered in-person classes.

The new school year brought a wide variety of different learning formats and approaches, with some institutions resuming in-person classes, others opting for continued distance learning, and others embracing a hybrid of in-person, online, and distance learning.


Further reading:
Is your family ready for distance learning?
Back to (home) school: Preparing for continued distance learning
Teachers talk distance learning


As if the disruption and change that the pandemic wrought isn’t stressful enough for students, teachers, and administrators, the education sector has been under cyberattack more than ever before.

Hackers in the virtual classroom, ransomware in schools

According to a joint cybersecurity advisory issued by the FBI, CISA, and MS-ISAC, since moving to remote learning, K-12 as well as universities have experienced disruption of distance learning caused by hackers. Uninvited users have disrupted live video-conferenced classroom sessions by verbally harassing students and teachers, displaying explicit and/or violent images and revealing information of meeting attendees.

At the same time, more sophisticated attacks have led to the theft of taxpayer dollars, stolen identities, and denial of access to school technology.

Ransomware attacks on education providers more than doubled from 6% in 2019 to 15% in the first half of 2020. According to MS-ISAC data, the percentage of reported ransomware incidents against K-12 schools increased at the beginning of the 2020 school year. In August and September, 57% of ransomware incidents reported to the MS-ISAC involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July.

An industry unprepared for the onslaught of cyberattacks 

Pre-pandemic, the education industry was already a prime target for cybercriminals. In 2019, K-12 schools experienced three times the number of cyber incidents compared to 2018. These attacks included malware, phishing, denial of service, and more. Successful incidents slowed access, rendered school computer systems inaccessible, breached confidential student data, and held data and systems for ransom.    

Cybercriminals have discovered that schools are a lucrative source of sensitive personal information on students and teachers. The Washington Post reports that “student data can be more valuable than other types of personal information on the black market because children, who often do not have bank accounts or credit cards, are unlikely to notice the effects or signs of identity theft until later in life.”  

At the same time, schools were becoming easier targets for malicious actors. Despite schools increasing their use of technology, even before the pandemic, they weren’t typically investing enough in cybersecurity protection. In fact, at the end of 2018, education ranked last in cybersecurity preparedness compared to 16 other industries.   

New lesson plan: Protecting schools from cybercriminals

To improve your organization’s cybersecurity stance and protect your school system, consider turning to a modern security solution that is robust and simple to use. Avast’s all-in-one cloud security solutions offer maximum protection, even for those organizations with limited IT budget and resources. 


Learn more in our latest eBook, "The Digital Shift is Upending Cybersecurity for Business: How Remote Work and New Cyberthreats Are Affecting Different Industries."