We do need an education

With schools across the US increasingly falling prey to ransomware attacks, two US senators are calling for the Department of Homeland Security (DHS) to create a set of guidelines to help schools improve their cybersecurity systems.

Senators Gary Peters, a Democrat representing Michigan, and Rick Scott, a Republican for Florida, have introduced a bill instructing the DHS's Cybersecurity and Infrastructure Security Agency (CISA) to examine schools’ security risks and challenges.

The K-12 Cybersecurity Act of 2019 (PDF) would also require CISA to create a set of cybersecurity recommendations and online tools for schools over the next year.

The tools would be designed to educate officials about the new recommendations and suggest strategies for implementing them.

There's no detail on what these recommendations and tools might be, and no funding has been allocated.

However, the bill is similar in principle to the State and Local Government Cybersecurity Improvement Act, recently passed by the Senate, which would see the DHS’s National Cybersecurity and Communications Integration Center (NCCIC) providing state and local officials with access to security tools and procedures and carrying out joint cybersecurity exercises.

"Schools across the country are entrusted with safeguarding the personal data of their students and faculty, but lack many of [the] resources and information needed to adequately defend themselves against sophisticated cyber-attacks," said Peters.

"This common-sense, bipartisan legislation will help to ensure that schools in Michigan and across the country can protect themselves from hackers looking to take advantage of our nation’s cybersecurity vulnerabilities."

Off syllabus

Over the last few years, there has been an increasing number of ransomware attacks on US public sector organisations, including schools.

Data from cloud security firm Armor shows that 72 school districts or individual educational institutions have publicly reported being a victim of ransomware this year, with 1,039 schools impacted.

Connecticut saw seven school districts hit, while Louisiana went so far as to declare a state of emergency after schools across the north of the state were hit by malware in July. The Rockville Centre, New York, school district, paid out nearly $100,000 after being hit by the Ryuk ransomware in August.

Indeed, according to research from Malwarebytes, education was the top target for trojan malware during the 2018-2019 school year, and the most-detected threat category for all businesses in 2018 and early 2019. Adware, trojans, and backdoors were the three most common threats, with ransomware attacks soaring by 365% in the year to Q2 2019.

Schools are particularly easy targets, as they tend to be short on funding and often have outdated systems.

Adam Kujawa, a director of Malwarebytes Labs, told The Daily Swig: "Education organizations face several issues in reference to securing networks that many private businesses don't deal with.

“For example, the increased opportunity for infection due to endpoints being spread across a campus, being accessed by both student and staff, many of which can affect the security of that endpoint and possibly the entire network with careless use – opening malware – or intentional malice.

“Overall, this kind of environment shouldn't be treated as any other organization, so I am glad they are doing a study first to identify the unique problems educational networks deal with. We will have to wait and see if the results of this study – the tools developed and made available – will be effective or even deployed across the board."

RELATED Ryuk ransomware implicated in City of New Orleans shutdown