by Tyler Mahaffey
In recent years, the number of ransomware attacks on schools have drastically increased. In 2018, 116 ransomware attacks on schools in the US were reported. In 2020, 408 ransomware attacks on schools in the US were reported. That is a 252% increase in 2 years. Although other reports put the number of attacks on schools upwards of 1,000. These ransomware attacks can have dire consequences, they can affect students, teachers and the district as a whole.
This is an issue with potentially serious consequences. Hackers can retrieve the personal data of students and teachers and then sell that information if the school does not pay the hacker. This personal information can include social security numbers, credit card or bank account numbers, drivers licenses, personal health information and passwords. Hackers can sell this information to others who can use it to take out loans and credit cards in the name of a student or teacher. A ransomware attack like this happened to the Manhasset School District on September 14, 2021. The Manhasset School District has said that student and faculty personal information was stolen, this included mental health information, physical health information and disciplinary actions. The Manhasset School District also said that student Social Security numbers and clean credit card histories were stolen, this information could be used for identity theft.
Ransomware attacks affect schools as a whole too. Hackers usually gain access to a school district’s computer system through email; this happens when a faculty member of the district opens up an email and clicks a link or attachment. This allows the malware to enter the school district’s computer system. Once a hacker has access to the computer system they can encrypt files. Then the hacker will demand a ransom to give the key to the school so they could decipher the files. The cost of these ransoms have previously ranged from $88,000 to $176,000. This ransom is usually paid in Bitcoin. However, most schools do not have to pay all the money out of pocket, usually the school’s insurance company if they have one pays out most of the ransom. Such was the case in July 2019 when the Southside School DIstrict was targeted by hackers. Although the ransom was set at $88,000, Southside School District only paid $10,000. The rest of the money was paid by their insurance company.
Many of these hackers have used a virus known as the Ryuk Virus to attack schools. Recently, Southside and Mineola school districts have been attacked by the Ryuk Virus. The Ryuk virus is a form of ransomware that commonly targets Microsoft Windows computer systems. The Ryuk virus requires ransoms to be paid in bitcoin. The virus is much more dangerous than other viruses because it can defeat many anti-malware systems in computer systems, many of these anti-malware systems are commonly used in organizations like schools. The virus is also dangerous because it can attack and disable files on shared computer systems. These computer systems usually have back-up files.
So what can school districts do to prevent damage from ransomware attacks? Schools can have back-ups of files on their computer system and can save them to a server that is not shared with the main server for the school district.. They can also have insurance on their computer system so if a ransomware attack does occur, it will be less detrimental.