The surge in cyberattacks on K-12 schools, targeting vulnerable computer systems and exploiting the lack of cybersecurity experts, is causing widespread disruptions across the nation. With incidents doubling in 2023, these attacks, often involving ransomware and data theft, underscore the urgent need for enhanced cybersecurity measures to safeguard student records and maintain the continuity of education. (NPR)
Prevention Tips
At home and at school, protect your systems by performing the following:
-
Deploy multi-factor authentication. (MFA)
-
Mitigate known exploited vulnerabilities.
-
Implement and test backups.
-
Regularly exercise an incident response plan.
-
Implement a strong cybersecurity training program.
If you lack adequate resources, consider leveraging:
-
-
Free or low-cost services to make near-term improvements in resource-constrained environments.
-
Technology providers enable strong security controls by default for no additional charge.
-
Minimizing the burden of security by migrating IT services to more secure cloud versions.
-
CISA’s online toolkit provides additional free cybersecurity training and resources available for the K-12 community.
Every K-12 organization—large and small—must be prepared to respond to disruptive cyber incidents. The Cybersecurity Infrastructure and Security Agency (CISA) is available to help you prepare for, respond to, and mitigate the impact of cyberattacks. When cyber incidents are reported quickly, they can use this information to render assistance and as a warning to prevent other organizations and entities from falling victim to a similar attack. CISA encourages our stakeholders to voluntarily share information about cyber-related events that could help mitigate current or emerging cybersecurity threats to critical infrastructure.
Sharing thwarted or actual cyber incidents with an information-sharing organization could help mitigate current or emerging cybersecurity threats to critical infrastructure.
If you realize you clicked or responded to a phishing email, you will need to change your passphrase. Additionally, you can report the incident to the FTC at ReportFraud.ftc.gov or the Internet Crime Center at www.ic3.gov. Please remember, that security is everyone’s responsibility.
The views, information, or opinions expressed in this article are solely those of the author and do not necessarily represent the views of Citizens State Bank and its affiliates, and Citizens State Bank is not responsible for and does not verify the accuracy of any information contained in this article or items hyperlinked within. This is for informational purposes and is no way intended to provide legal advice.
