Hackers and scammers target classrooms with ransomware. What can you do?

Emma McGowan 20 Sep 2023

Our young people are always learning. It’s a great time to expand their cyber education to help keep them safe in the classroom.

The school bell rings, kids of all ages take their seats, and there's an atmosphere of anticipation. Students open their textbooks and laptops, ready to explore language, history, science, and math, and further expand their horizons. Yet, unbeknownst to many, there are people lurking behind the screens in the academic world, actors whose intentions are not at all noble. 

In the last few years, hackers have set their sights on an unexpected target: our school districts and classrooms. Bizarre as that may sound, cybercriminals see educational institutions as lucrative targets for fraud and scams. Their tactics seek to profit from scare tactics that threaten students’ work and sensitive information alike. 

Imagine being a parent and receiving an email from your child's school explaining that personal information about your child has been compromised. Or think of a teenager, working hard on a project for weeks, only to find it encrypted by ransomware, held hostage unless a sum of money is paid. 

Today, we’re going to cover some real-life incidents that highlight the importance of cybersecurity and awareness in educational spaces. 

Schools are already being targeted in public scams 

 One real use case comes from a school district in Montana. There, hackers managed to breach a school district’s data system and access the personal details of the student population—including their social security numbers and medical records. The hackers used that data to contact parents through email and texts, threatening to make their child’s information public unless a ransom was paid.  

 For the parents and guardians, the thought of their child’s sensitive data being distributed across the internet was unbearable. For the students, especially those looking ahead to colleges or internships, the potential damage to their reputation was distressing, to say the least. 

Another example comes from a high school in Texas. Just days before the final exams, a ransomware attack locked teachers and students out of the systems that held their coursework and exam materials hostage. The school was given an ultimatum: pay up or risk losing an entire year’s worth of everyone’s hard work. Students and faculty alike were devastated, imagining the countless hours of effort that might disappear on a hacker’s whim. 

In the cases above, thankfully, none of the schools or families paid the demanded ransoms, and the data was eventually restored after some effort. 

So, why are schools targeted? The are a few reasons: 

  • Schools lack financial resources for security. Many educational institutions, especially public schools, operate on tight budgets. Investing in advanced cybersecurity measures often falls outside of their budgets. 
  • Schools store valuable data. Local districts, necessarily, hold a trove of sensitive information. That’s everything from student and faculty personal data to research work. Much of that information can be used to pick up the threads for identity theft, where we know younger people are more sensitive targets. 
  • Schools went digital, fast. In the last few years, many schools have been forced to adopt digital approaches for teaching. A post-pandemic world leans heavily on systems that have been quickly put into place just to work, much less defend against skilled attackers. 

Cyberattacks on schools are alarming, but there is hope  

It’s important not to give up and understand there are solutions; both human and computer-powered options to help defend against these kinds of intrusions. Just as cyber threats evolve, so too do the tools and strategies to combat them. And this is where we all come into the picture to secure our young learners' data and future. 

We are, naturally, big advocates for cybersafety. Our mission is to safeguard digital landscapes. But cybersecurity is not just about having the right software in place; it's a collective responsibility. Here are some guides for how we can improve the safety our our schools, without having to make overwhelming budget overhauls. 

Parents can guide their kids about the importance of strong passwords.  

Passwords are more than just a memorable combination of letters, numbers, and symbols; they are the first line of defense against bad actors getting into spaces where they don’t belong. Encourage students to regularly update their passwords and to never share them, even with close friends. 

School Administrators can prioritize updates and patches to their systems.  

One of the most common entry points hackers exploit is well-publicized vulnerabilities in outdated software. It's essential to collaborate with software providers and security experts to assess your school's digital infrastructure and ensure it's fortified against potential threats. 

Students should always be on the lookout for phishing attempts.  

Hackers can pose as someone you trust, like a teacher or a friend, to steal information. Always double-check the source of an email or message, especially if it contains links or asks for personal details. 

 Our virtual world, like the real one, has its share of challenges. But together, armed with knowledge and the right tools, we can ensure our schools remain sanctuaries of learning, untouched by the malicious intents of scammers and cybercriminals. Remember, protecting our educational institutions isn't just about safeguarding data; it's about ensuring a brighter, more secure future for the next generation. 

--> -->