Cyberattacks find easy target in nation’s schools

School districts across the country are increasingly becoming a major target of malicious cyberattacks, leaving both the federal government and state governments scrambling to find ways to fight back.

Recent cyberattacks on school districts in Louisiana, Virginia and Oklahoma have highlighted the threat. In Louisiana, Gov. John Bel Edwards (D) declared a statewide emergency last month in response to ransomware attacks on three school districts, and authorized state resources and cyber assistance to help the districts.

Last week in Oklahoma, Broken Arrow Public Schools were also targeted by a ransomware attack, in which an attacker encrypts the system and demands payment to unlock it. School District Superintendent Janet Dunlop said in a statement that the district had experienced “network and server issues which are believed to be caused by criminal actors attempting to disrupt the operations of our district.”

Dunlop said the district had notified the FBI and would work to “hold the wrongdoers accountable.”

And in Spotsylvania County, Virginia, the school district revealed this week that both it and the county government were the victims of email scams. The investigation has been turned over to the Virginia State Police, with local news outlets reporting that school officials fell for an email scam and paid $600,000 to a cyber scammer, thinking they were paying a contractor for a new football field.

While school districts may not seem to be the obvious target for hackers in comparison to governments or essential services, Doug Levin, the founder and president of EdTech Strategies, a consulting firm, told The Hill that they are easy targets due to outdated systems and the fact that they handle large amounts of money.

“They are a soft target, for those that are doing not-very-sophisticated attacks and they are looking to ransom people and steal data, they are just scanning the internet for easy targets and outdated systems,” Levin said.