Government agencies, businesses, hospitals and universities are the frequent targets of staggering data breaches that can affect millions of people. Their stolen personal information is sold to the highest bidder. But K-12 schools are also at risk, from outside threats as well as students who want to stir up trouble. As schools rely more on technology for day-to-day operations, the risk increases. There’s also the wealth of data that schools routinely collect on students and store on their servers, from attendance records to social security numbers to medical issues.
And school databases are viewed as gold mines to potential attackers. Social security numbers for children under the age of 18 can be sold at a premium because the likelihood they have any identify theft protection monitoring in place is low. A child’s credit, which is generally not tarnished with poor credit histories, can be exploited before it’s even established.
“I don’t think there’s a school district in America that doesn’t have important digital assets sitting on a computer somewhere that needs to be protected,” said Michael Kaiser, executive director of the National Cybersecurity Alliance.
In this past year, many higher education institutions were in the headlines for data breaches. Pennsylvania State University, University of Virginia, University of Connecticut, Washington State University and Johns Hopkins University were all the target of major attacks. It’s a trend that is forcing schools to think harder about how they protect students from such cyber attacks.
But K-12 schools have been slower to adopt the strict kinds of security standards needed in today’s landscape, often due to budget constraints, even in the face of multiple public school district cyber attacks in 2015. Do the lunch menus need protection? Probably not. But personal data such as staff payroll information, medical records, and employee and student dates of birth and Social Security numbers sure do.
When an employee of the Provo, Utah, school district mistakenly clicked on a phishing link in an email last year, the private data of about 5,000 employees were put at risk. The Washington Post reported that an attack at Prince George’s County public schools in Maryland resulted in the theft of personal information, including Social Security numbers, affecting 10,000 of the district’s nearly 24,000 employees. And right in our own backyard, the Miami-Dade school district faced an attack that led to blank screens throughout the state as students attempted to take their standardized tests.
In 2015, nationwide education represented 6.9 percent of hacker targets, according to hackmageddon.com, ranking fourth in 11 categories. That is a substantial risk for the education sector and the numbers keep on rising. With a growing reliance on technology, schools of all sizes face the same advanced threats as corporations and government agencies, including viruses, malware and targeted attacks.
When it comes to cybersecurity, schools can never afford to be at risk. It’s imperative that a comprehensive protection plan should be put in place with a multi-tiered security solution. Contact SLPowers today and speak with our security experts about taking a new approach to today’s advanced attacks, even with a tight budget.
Categories: Data Security