A new joint advisory – warning of cyber threats to K-12 schools – was released by the FBI, CISA, and MS-ISAC. Please share widely.
Unpatched School Servers Allows Ransomware to Flourish
Two years after security patches were published to address the issue hundreds of U.S. K-12 schools still haven’t fixed vulnerabilities in their servers at the root of WannaCry ransomware and its variants.
Nightmare on Johnson Street
In this podcast, hear from Kacey Sensenich, Chief Technology Officer of Rockingham County Schools, about the district’s experience with a cyber incident: how it happened, how the malware was discovered and then removed, and what the district is doing now for added protection.
Press Conference: Rockingham County (NC) Schools Respond to a Malware Attack
When schools rely on technology for teaching, learning, and school operations, the impact of a cybersecurity incident can be significant.
Schools Struggle to Keep Pace With Hackings, Other Cyber Threats
To better understand the cybersecurity challenges facing schools, Education Week talked with school leaders in Arizona, Connecticut, Montana, and Texas about the cybersecurity incidents they faced, and how they responded. They found that the country’s K-12 information-technology leaders are likely underestimating the dangers they face and that many are failing to take even basic steps to secure their networks and data.
There Can Be No Privacy without Security
If there is an Achilles’ heel to a future of robust personalized learning for all K-12 students, it is the uneven attention to the cybersecurity risks facing school information technology assets and data. In this post, I offer emerging lessons about real and perceived information security issues facing schools from the data underlying the K-12 Cyber Incident Map.
Introducing the K-12 Cyber Incident Map
Today, I am pleased to introduce and launch the “K-12 Cyber Incident Map.” It is a visualization of cybersecurity-related incidents reported about U.S. K-12 public schools and districts from 2016 to the present. Painstakingly assembled from public reports, it was created to begin to build a data-based awareness of the scope and variety of digital security and privacy threats facing K-12 public schools and districts, as well as to shed a light on the need for uniform standards for disclosing cyber incidents affecting schools, students, and educators.
How Should We Address the Cybersecurity Threats Facing K-12 Schools?
There are a range of potential cybersecurity threats facing K-12 schools. Thanks to my invited participation in a National Governors Association cybersecurity summit, I’ve documented my current thinking on the cybersecurity in K-12 education, why it is an important issue, and what should be done about it. Ultimately, if we can’t generate the political will to address these issues head on, states and the federal government have no business pursuing school reform and improvement strategies dependent on technology.