« Texas Law Requires Districts to Plan for Cyberattacks. Will Other States Follow? | Main | States Have Tried to Ban Cellphones in Schools. It Hasn't Gone Well. »

Malware Attack Prompts School District Closure: K-12 Cyber Disruptions Rising

data-hack-Getty-article.jpg

The Flagstaff Unified School District in Arizona is just the latest to fall victm to a cybersecurity attack so disruptive it forced schools to close Thursday and Friday of last week.

Schools were back in session on Monday, after the district's team worked "round the clock securing systems and updating computers and devices," according to the district's website.

The ransomware, a form of malware that typically requests payment in exchange for access to locked computers, was detected when a message popped up, asking for payment.

The message did not include a specific dollar amount and had untraceable contact information, District Technology Director Mary Knight told the Associated Press.

The district wouldn't consider making a ransomware payment, she said.

Instead, the district checked systems that control doors, bells, transportation, bells, food service, and more.

"We know how disruptive this is to our families. Canceling school is one of the most difficult decisions I make as a superintendent and it's not one I take lightly," said Mike Penca, the superintendent, according to the Associated Press. "We just need to know, when we have kids back, that our school environment is safe and that we can operate as normal."  

Flagstaff's struggles aren't unique. A 2018 Education Week Research Center survey found that 27 percent of ed-tech leaders found malware or viruses to be a "significant" or "very significant" problem. Districts are using strategies, including encouraging staff to update their passwords, giving staff additional IT training, and backing up information and storing it off site in case of an attack.

And the K-12 Cybersecurity Resource Center documented 122 publicly reported cyberattacks on schools in 2018. Well over half resulted in the sensitive data of students or staff being compromised.

It's critical that districts not wait to take basic steps, said Doug Levin, the CEO of consulting group EdTech Strategies, which operates the K-12 Cybersecurity Resource Center.

"Just like we know that eating right and exercising can lead to a healthier life, there are basic cyber hygiene practices—such as deploying anti-malware and anti-phishing technology, ensuring IT systems are backed up, implementing multi-factor authentication, and offering user training—that can make a big difference," het told my colleague, Ben Herold.

Want to learn more about how cyberattacks are disrupting schools and what can be done about it? Check out Education Week's cybersecurity special report

The Associated Press contributed to this report. 

Image: Getty


Don't miss another Digital Education post. Sign up here to get news alerts in your email inbox.

Notice: We recently upgraded our comments. (Learn more here.) If you are logged in as a subscriber or registered user and already have a Display Name on edweek.org, you can post comments. If you do not already have a Display Name, please create one here.
Ground Rules for Posting
We encourage lively debate, but please be respectful of others. Profanity and personal attacks are prohibited. By commenting, you are agreeing to abide by our user agreement.
All comments are public.

Follow This Blog

Advertisement

Most Viewed on Education Week

Categories

Archives

Recent Comments

  • reflections apartments: AIMCO and cock roaches read more
  • reflections casselberry: AIMCO and cock roaches read more
  • tworzenie stron internetowych RzeszĂłw: As I web site possessor I believe the content matter read more
  • reflections apartments: http://www.youtube.com/watch?v=_lyhMey4CVE read more
  • Free Twitter Marketing: My Brother just mentioned this website to me, and told read more