Cybersecurity Attacks on Educational Institutions Amid COVID-19: What You Need to Know

Across the country, the coronavirus pandemic thrust schools, students and teachers into remote learning situations which they were not fully prepared for. Major upheavals that would have usually taken months or years to implement were put in place practically overnight. Administrators, teachers and students were suddenly required to transition to virtual class settings and familiarize themselves with online learning applications like Zoom, Class Dojo and Canvas. With this switch, the threat of ransomware and other cybersecurity attacks began to loom.

While these technologies surely helped flatten the pandemic curve by keeping people at home, they have also revealed glaring vulnerabilities at educational institutions nationwide. Since this spring schools have faced a number of speed-bumps and challenges as they’ve attempted to ensure student access and connectivity, and some alarming new studies show that students may be falling behind as a result. On top of it all, another pressing issue that schools face due to widespread remote learning is the evolving threat of cybersecurity attacks like ransomware.

The Threat of Ransomware and Other Cybersecurity Attacks

Ransomware is a computer virus that disguises itself as a harmless email or link. Once that link is clicked by a user, it has the ability to shut down entire operating systems until a ransom is paid to those responsible for the attack. Ransomware has become increasingly popular for cybercriminals because it’s cheap, easy to deploy and targets a weakness that outdated security systems simply cannot protect against — remote internet users.

Even before remote learning went into effect, ransomware attacks proved to be costly, disruptive and dangerous for schools ranging from elementary schools to institutions of higher education. And now experts agree that ransomware attacks on learning institutions could become even more widespread. This is because many districts rely on cybersecurity platforms that only protect staff and students if they access the internet on school grounds. Combined with the fact that teachers and administrators have been forced to use personal and public internet to access applications like Blackboard, Coursera and IXL learning, it’s easy to see why schools are vulnerable.

Many Institutions and Districts Have Already Been Targeted

As a result, a growing number of schools across all levels of learning, have recently fallen victim to ransomware attacks. In the last few weeks alone, Long Island’s North Babylon School District’s computer network was infected with a ransomware-type virus bringing distance learning to halt for 2,200 high school students. Additionally, Columbia University, along with Michigan State University and the University of California, San Francisco, have also all been targeted by a group of sophisticated hackers that is threatening to sell private student data and personal information on the dark web unless their demands are met.

Today’s situation should serve as a wake-up call for schools and districts that didn’t have the proper cybersecurity measures in place. After all, many schools are still unsure if they will reopen in the fall.  This may signal continued remote learning for the remainder of the calendar year and potentially beyond. During this period, we can be sure that bad actors will continue to sharpen their skills and launch new attacks on schools across the country.

The Need for Cybersecurity

In order to address this problem and ensure the safety of their students, schools should consider hosting cybersecurity training for administrators, staff and students to further ensure the security of their networks. Districts should also consider replacing their outdated, hardware-based security systems and implement solutions that are able to protect users and devices no matter where they are.

By prioritizing evolving their cybersecurity training and strategies, schools will take a very important step toward mitigating the risk of ransomware attacks and guaranteeing the safety of teachers and students.

Peter Martini is the president and co-founder of iboss, a cybersecurity provider.

Featured Image: Josue Valencia, Unsplash.