Schools are under a significant assault from cyber criminals. And the consequences of even one successful breach can haunt schools and students for years. 

In 2020, for example, Baltimore County Public Schools (BCPS) realized they were under a cyber attack from hackers that had been in its systems for around two weeks, according to Route Fifty. As reported by the Maryland Office of the Inspector General for Education, the attack was due to third-party operator error. 

After a staff member received an suspicious Excel spreadsheet in an email, that person was unable to access it and forwarded it to a contractor who could. One of the contractors accidentally opened the email with the attachment using their unsecured BCPS email domain account, instead of their secured email domain, and that was the catalyst which opened the network up to malware. 

The BCPS fallout included lost days of schools, roughly a year to fully restore the networks, and in total over $9.6 million to fully recover, which included network upgrades and migrations to a new platform. 

The incident with BCPS isn’t rare. In September 2022, the Los Angeles Unified School District (LAUSD, one of the largest school districts in the United States) fell victim to a successful cyber attack. And even quick research will show waves of cyberattacks befalling schools. 

As schools become more reliant on technology for remote learning and administrative functions, they are also prime targets for cybercriminals seeking to exploit vulnerabilities and disrupt operations.

But the consequences extend far beyond the cost to a school or even a district. Students are also shouldering some of the burden from a cyberattack, the ramification of which could follow them for years. 

Why Malware Attacks Are Targeting Schools

Identity theft can have a lasting effect on students. But why are ransomware attacks, phishing, and malicious software so focused on student profiles?

For one thing, younger people are easier to target. While adult employees are more familiar with cyber risk and hopefully receive regular training on how to take the appropriate security measures to prevent cyber threats, kids might not notice right away when someone is trying to steal data. 

On the other hand, though, kids’ information can be equally if not even more valuable to attackers.

Understanding Cyber Attacks: The Value of Student Data

The motives behind hacking student data range from financial gain to espionage and sabotage.

Student data can, for instance, be valuable on the dark web, where it can be sold to identity thieves or used in various fraudulent activities. Some information, such as Social Security numbers and birthdates, can also be used to steal identities, apply for loans or credit cards, or commit other forms of fraud. 

And, since kids aren’t regularly tracking their credit, criminals can apply for loans and generate huge amounts of debt in a minor’s name before anyone learns about it.  

Cybercriminals may seek to disrupt school operations by deleting or altering student records, too, causing chaos and reputational damage to educational institutions. Or they may encrypt student data and demand a ransom for its release, disrupting school operations and extorting money from educational institutions—for political, economic, or any other purpose.

We tend to think of student data as exam grades. However, there’s so much more sensitive information contained in these records. For example, a kid’s birth date, allergies, social security number, history of drug use, or even home income.

The Impact of a School Data Breach

The impact of falling victim to a cyber attack is two-fold.

In terms of the personal consequences of cyber attack campaigns are identity theft, emotional distress, and stigmatization, among others:

• Identity theft: Students and faculty who become victims of identity theft might have their sensitive personal information, such as Social Security numbers and birthdates, exposed. This can lead to financial loss, damage to credit scores, and years of struggle to rectify the situation.
• Emotional distress: Victims of data breaches may also experience anxiety, stress, and a sense of violation due to the loss of privacy and control over their personal information. This emotional toll can affect academic performance and overall well-being.
• Stigmatization: Individuals whose sensitive data is exposed may face stigmatization or discrimination, particularly if the breach involves sensitive or embarrassing information. This can, in turn, lead to social ostracization and long-term psychological effects.
• Academic impact: Disruption caused by the breach, such as downtime in accessing online learning platforms or loss of academic records, can hinder students’ learning progress and academic performance.
• Loss of Trust: Students may lose trust in their school’s ability to protect their data, leading to decreased confidence in the institution and reluctance to share personal information in the future.
• Cyberbullying and harassment: Breaches exposing sensitive information can make students vulnerable to cyberbullying, harassment, or blackmail from peers or external actors.
• Family stress: Data breaches can cause stress and concern for students’ families, who may worry about their children’s safety and privacy.

In a way, cyber criminals preying on student data and exploiting the private information of minors could accurately be labeled child abusers, because that’s exactly what they’re doing. 

One step beyond students are the impacts to the school and district. For example:

1. Financial loss: Schools may incur significant financial losses due to the costs associated with investigating and remedying the breach, providing credit monitoring services to affected individuals, and potential legal fees and settlements.
2. Reputational damage: A data breach can tarnish the reputation of a school, leading to a loss of trust among students, parents, and the community. This can result in decreased enrollment, loss of funding, and difficulty attracting top talent.
3. Legal consequences: Just like it happens for government agencies and cybercrime, schools may also face regulatory fines and penalties for failing to protect sensitive student information adequately. Additionally, affected individuals may file lawsuits seeking damages for the mishandling of their data.
4. Disruption of operations: Data breaches can disrupt school operations, leading to downtime, loss of productivity, and interruption of critical services. This can impact teaching and learning activities, administrative functions, and extracurricular programs.
5. Loss of intellectual property: Schools may lose valuable intellectual property, such as research data, proprietary teaching materials, and student records. This can have long-term implications for academic integrity, research collaboration, and institutional competitiveness.

Recovering from social engineering attacks can be a long and emotionally complex process. Many families actually feel overwhelmed just considering the idea that someone could gain unauthorized access to their kids’ data. So, cybersecurity management is paramount for schools to prevent the possibility of such attacks.

Preventing School Cyber Attacks

There’s little doubt that preventing cyber-attacks in schools is crucial for safeguarding sensitive student data and maintaining the trust of students, parents, and staff. The question is: How can these organizations ensure uninterrupted learning?

The first measure should be to provide regular cybersecurity awareness training to students, teachers, and administrative staff. For example, teaching them how to recognize phishing emails, avoid clicking on suspicious links, and report any unusual activity promptly.

Enforcing the use of complex passwords and multi-factor authentication (MFA) for accessing school accounts is also essential. For instance, schools should encourage users to regularly update their passwords, avoid using the same password across multiple accounts, and monitor virtual private network and general network traffic and user activity for signs of unauthorized access, malware infections, or unusual behavior.

And, of course, it’s also vital to implement robust (yet affordable) network security measures, including firewalls, intrusion detection systems, and antivirus software, and secure all laptops, desktops, tablets, and other endpoint devices used by students and staff.

How Coro Cybersecurity Can Help Schools

Coro offers an all-in-one, comprehensive cybersecurity platform to help schools enhance their security posture and protect against cyber attacks.

We offer robust email security solutions that include advanced filtering and detection capabilities to block phishing emails, malware attachments, and malicious links. Our endpoint solutions can also protect your school’s laptops, desktops, and mobile devices and secure your network infrastructure with firewalls, intrusion detection systems, and network segmentation.

What’s more, we can assist your organization in developing incident response plans to effectively respond to cyber security incidents, including procedures for detecting, containing, and mitigating cyber threats.

To learn more about these and other capabilities of Coro, check out our platform.