WASHINGTON D.C. — The federal government warns K-12 are facing a growing threat from cyberhackers.
According to the FBI, those school districts often have limited cybersecurity protections which makes them more vulnerable.
Experts say these cyberattacks are affecting school districts of all sizes and types with incidents popping up from coast to coast.
Now the FBI says it anticipates the number of threats to increase as the new school year ramps up.
In a recent warning, the FBI and some of the nation’s top security agencies say the ransomware group called Vice Society is disproportionately targeting K -12 schools.
“We have seen widespread credit abuse, identity theft, even tax fraud,” said Doug Levin, National Director for K12 Security Information eXchange (K12 SIX).
National nonprofit K12 Security Information eXchange has been tracking these kind of threats for years. So far, K12 SIX seen more than 1,300 publicly reported cyberattacks since 2016. During these incidents, Levin said your children’s personal information is most at risk.
In some cases, he explained students as young as first graders have had their identities stolen and families didn’t know there was an issue until years later.
“They don’t know until they, until it is time for them to apply for a student loan or try to rent their first apartment, and they are rejected from those opportunities because their credit records have been abused, and they had no idea,” said Levin.
The issue may be much more widespread. Levin believes there are likely 10 to 20 times more ransomware incidents at schools than we know about.
He said districts don’t always report cyberattacks because often they weren’t prepared ahead of time. Levin believes this must change.
“Putting in place a regime that would require some sort of incident reporting, both to the to the government, to other school districts, so they can take the steps to protect themselves from the same sorts of incidents that a school may be facing,” said Levin. “But also, to parents and families and educators themselves. They need to know when they are personally at risk so they can take steps to protect themselves.”
Experts advise schools should also have a minimum standard for cybersecurity management along with resources and guidance to keep their systems safe.