Chris Swagler | August 28th, 2023



On Tuesday, the White House convened an unprecedented cybersecurity “summit” to confront the alarming surge of ransomware attacks targeting American public schools. Threat operators have wreaked havoc by infiltrating school systems and exposing sensitive student data, ranging from medical records to psychological evaluations and reports of sexual assault. This dire situation has prompted urgent discussions on safeguarding students’ personal information and preserving their privacy.

The summit, a monumental gathering that underscores the gravity of the issue, was attended by various stakeholders, including First Lady Jill Biden, who passionately advocated for the protection of student data. As a teacher herself, she emphasized the importance of creating an environment where students can seek guidance without fearing their conversations would be divulged to the world.

The scale of the ransomware crisis is staggering. Cybersecurity company reports that this year alone, ransomware attacks have targeted at least 48 school districts—surpassing the total for 2022. Disturbingly, most of these attacks involve data theft, with Russian-speaking foreign groups often stealing sensitive information such as Social Security numbers and financial data. These criminals then deploy network-encrypting malware and demand payment in cryptocurrency, threatening to release the stolen data online if their demands are not met.

The extent of the problem was further highlighted by the Deputy National Security Advisor for Cyber, who revealed that major cyberattacks had victimized schools across several states during the previous academic year. A 2022 report from the Government Accountability Office underscored the impact on students, with over 1.2 million students affected by lost learning time due to cyber incidents in 2020 alone.

Homeland Security Secretary issued a stern reminder about the ruthlessness of cyber attackers and their willingness to exploit even the most sensitive information. Reports of suicide attempts, for instance, have been dumped online by extortionists. The secretary encouraged educators to utilize federal resources to enhance their cyber defenses.

Although the Biden administration’s focus on this issue was lauded by education technology experts, they lamented the limited federal funding allocated to address the crisis. Strapped for resources, many school districts struggle to mount effective defenses against these attacks. However, the summit did bring forth several measures to counter the ransomware menace. The Cybersecurity and Infrastructure Security Agency announced heightened security assessments tailored for the K-12 sector. Major technology providers, including Amazon Web Services, Google, and Cloudflare, pledged support through grants and other means.

Federal Communications Commission Chairperson proposed a pilot initiative that could provide $200 million over three years to bolster cybersecurity in schools and libraries. Although deemed insufficient by some, this initiative could mark a step in the right direction. The CEO of the nonprofit Consortium for School Networking advocated for more significant funding from the FCC’s E-Rate program, which has been instrumental in expanding broadband access across educational institutions since 1997.

What remains clear is the recognition from the White House, Departments of Education and Homeland Security, and the FCC that the ransomware onslaught targeting the nation’s 1,300 public school districts is an urgent crisis demanding immediate action. The fallout from these attacks extends beyond mere school closures and financial implications. The profound trauma experienced by staff, students, and parents due to the exposure of private records online constitutes the true legacy of these incidents.

The superintendent of the Los Angeles Unified School District, the second-largest district in the nation, shared invaluable insights during the summit. He emphasized that paying ransom to hackers is not a viable solution, as it doesn’t guarantee the safekeeping of stolen data. FBI guidance indicated that paid ransoms could still find their way onto the dark web, perpetuating identity theft, fraud, and other crimes.

School systems have struggled to respond swiftly due to factors such as the shortage of full-time cybersecurity staff. A Consortium for School Networking survey found that only 16% of districts have dedicated network security personnel—a decrease from the previous year. Additionally, inadequate cybersecurity spending further compounds the issue. The survey revealed that only 24% of districts allocate more than 10% of their IT budgets for cybersecurity defense.

The White House summit is pivotal in addressing the ransomware crisis gripping U.S. schools. It has brought together leaders, experts, and stakeholders to strategize, collaborate, and implement measures that safeguard student data, preserve privacy, and fortify the cybersecurity defenses of the nation’s educational institutions. As the government, tech companies, and educational leaders rally together, the hope is that this united effort will mark the turning point in securing the educational landscape from cyber threats, enabling students to thrive in a safe and digitally resilient environment.

At SpearTip, we offer cybersecurity awareness training designed to educate individuals and organizations about best cybersecurity practices and provide the knowledge and skills necessary to protect their systems and data from cyber threats. Our training covers topics such as password security, phishing scams, social engineering, malware, data protection, and network security. By providing cybersecurity awareness training, organizations, and their employees can better understand the risks of the cyber landscape and develop impactful cybersecurity practices that can reduce the likelihood of cyberattacks. Cybersecurity awareness training is an essential component of any comprehensive strategy to protect sensitive information, such as personal data, financial information, or intellectual property, and prevent data breaches, system downtime, and other negative consequences from cyberattacks.

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.