In April 2018, Leominster Public Schools in Massachusetts had to pay $10,000 in bitcoin after a ransomware virus infected their networks, making it impossible to access e-mail, lunch payments, the district website, and other essential systems. That’s just one of the incidents highlighted in the recent State of K-12 Cybersecurity report. The report details 10 cybersecurity breaches from 2018 and crunches the numbers from the 122 incidents reported on the K-12 Cybersecurity Resource Center’s incident map. The map contains information gathered from news reports and other sources.
Data breaches were the most frequently reported incidents in 2018, making up 47% of the total, and just over half of these were carried out by staff, students, or other members of the school community. Other data breaches involved breaches of school vendors, with a similar number involving unknown outsiders. More than 60% of breaches included student data.
Phishing attacks made up 16% of cybersecurity breaches, followed by denial of service attacks at 10% and ransomware attacks at 9%.
Source: Levin, D.A. (2019). The state of K-12 cybersecurity: 2018 year in review. Arlington, VA: EdTech Strategies/K-12 Cybersecurity Resource Center.