Cyber crooks terrorize school districts

Aug. 16—These days, you may never even see the bad actors trying to victimize you.

Indeed, some of the most devious criminals are invisible, hiding behind technology they use to steal, cheat and extort.

While the crooks often work hard to hack into systems, at other times — such as a heinous mistake made in Scottsdale Unified School District a few years ago — personal information is practically dropped into their laps.

Last week, with 30 public schools across Scottsdale about to open, Scottsdale Unified Superintendent Scott Menzel emphasized "the safety and security of our students and staff is our top priority."

Like many things, security is not what it used to be.

While physical security means having police officers and security guards on patrol, families are looking for districts to also maintain security online.

With cyber criminals terrorizing districts across the country, the Biden Administration last week emphasized school security with a series of announcements.

Years before the pandemic, districts across the country were making grades, homework and announcements available online — but when COVID-19 hit three years ago, schools shifted into online learning.

Even after education returned to normal, districts continued many of the online practices they had adopted during the pandemic.

That provides juicy opportunities for cyber criminals.

To defend against the digital bandits, the U.S. Education Department plans to strengthen school cyber defenses.

According to a press release, "The department issued new technical briefs for schools, including one co-authored with the Cybersecurity and Infrastructure Security Agency. A $200 million cybersecurity proposal from the Federal Communications Commission is also pending."

Major attacks hit districts in Minneapolis, Los Angeles and Baltimore.

"In the 2022-2023 academic year alone, we saw at least eight major cyber attacks on our schools," said Anne Neuberger, the administration's deputy national security adviser for cyber and emerging technologies, to reporters on Sunday.

"Four of those attacks left schools having to cancel classes or close completely as a result of disruptive building operations and classroom technologies."

A criminal hack in Minneapolis earlier this year "was a particularly vicious example of these kinds of cyberattacks," Neuberger said.

More than 300,000 files — including medical records, Social Security numbers and sexual assault case files — were dumped online after the 36,000-student Minneapolis Public Schools district refused to pay a $1 million ransom.

Local and state officials told the Government Accountability Office that lost learning following a cyberattack ranged from three days to three weeks, and that monetary losses ranged from $50,000 to $1 million.

"Just like other public and private organizations, K-12 school districts are targeted regularly by cyber criminals for a variety of purposes, often through phishing emails designed to steal network credentials," noted Dr. Michelle Watt, SUSD's chief systems officer.

A map by K12 Security Information Exchange and EdTech Strategies shows Scottsdale Unified School District is one of scores of districts across the country that had a "cyber incident." SUSD reported a data breach in 2018.

According to the national service, "Families of nearly 2,000 students in the Scottsdale Unified School District were told in a letter that their names, school ID number, participation in special education programs and more were accidentally provided as part of a public records disclosure.

"In the letter sent to parents dated Dec. 17, school administrators wrote that student data was inadvertently revealed in three public records requests in an Excel spreadsheet last summer."

The incident was relatively minor, as SUSD officials contacted recipients of the record requests, who agreed to destroy the records.

And employees responsible for the disclosure were disciplined.

Other districts have had breaches, leaks, phishing, denial of service and ransomware attacks.

"To safeguard the systems and data we use to deliver world-class future-focused learning, we continually update and harden our systems, implement best practices, and educate our staff," Watt said.

She added that, as one of its "cybersecurity best practices," SUSD uses multi-factor authentication for staff accounts.

'Alleviate the gaps'

Watt said SUSD tunes in to recent cybersecurity news as part of professional organizations at the state level, including the Arizona Technology in Education Association, and the national level, including the Consortium for School Networking (CoSN).

"I was pleased to hear that recent efforts led by CoSN to increase awareness of funds needed for cybersecurity resources resulted in a plan from the FCC to provide funding for this type of support," Watt said.

"This plan could alleviate the gaps in support for cybersecurity that currently exist in the ... program SUSD uses to help provide network access to our 29 schools and one online school."

Watt also noted the Arizona Department of Homeland Security is now providing resources to schools through a Cyber Readiness Program "and we plan to increasingly make use of the specific resources they provide."

SUSD has a new safety campaign called "DIG IT," which stands for securing doors, identification, gates and information technology (IT).

"Students are encouraged to keep their password private, not leave an unattended device unlocked, and can change their password themselves as needed," Watt said.

"October is national Cybersecurity Awareness Month and each year we increase communication with students and families regarding tips for staying cyber aware including how to spot potentially malicious email communications and reminders to keep software updated."