Internet Explorer 11 is not supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Why Are Local Schools the Latest Target for Hackers?

As cybercrime has increased during the coronavirus pandemic, more and more local school districts are under cyberattack. Experts say there are two main reasons why hackers are focusing on the local schools.

(TNS) — Hackers breached the computer network of Michigan's Walled Lake Consolidated Schools over the weekend, shutting down district computers but not online classes, which resumed normally Monday morning.

"They use Google classroom and Zoom and all those programs are working," spokeswoman Judy Evola said Monday morning. "Kids are learning right now as we speak."

The nature and extent of the hack is not yet clear and the district's cyber insurance carrier is helping address it, Superintendent Kenneth said in an email to parents.

Security experts say that criminal groups are ramping up attacks on local school districts. In August, hackers breached the network of Nevada's Clark County School District, which includes Las Vegas, threatening to disclose things like employee social security numbers and student names and grades unless a ransom was paid. In September, hackers breached the system at Virginia's largest school district, the Fairfax County Public Schools. 

"As you may have heard, FCPS was the victim of a cybersecurity incident involving a ransomware attack," the district posted on its website last week. "Earlier this evening, the attackers posted the information that they stole on the dark web."

Last year, the governor of Louisiana declared a state of emergency to address cyber attacks on several school districts in that state.

Experts say the attacks are growing for several reasons.

"One is that school districts tend to run older equipment and older applications and so they may not be the most up to date and modern," said Doug Levin, founder of the K-12 Cybersecurity Resource Center, which maintains an online database of attacks on districts. Districts also may not have as many resources to put into cyber defenses as private companies do. 

Another reason is simply money, Levin said. Hackers have launched so-called ransomware attacks, where they hack into a system, shut it down and demand money to unlock it. In other cases, they steal the personal data of both employees and students, which they can sell to identity thieves.

"Student personal information can be very valuable because the criminals can open credit in the record of students, who many not be monitoring their credit," Levin said. "If they're able to do that, they're able to use that student identity information to open account after account and essentially ruin the student's credit. They may not learn until they're 16 or 18 when they first go to establish credit or maybe try to get a college loan."

Levin said parents can contact credit reporting agencies to freeze the credit of their minor children to make it harder for criminals to open accounts in their names. 

Levin started tracking cyber attacks on K-12 school systems in 2016 and since then, has recorded more than 1,000 of them across the country. 

"That's publicly disclosed incidents," Levin said. "There might be, easily, 10 times that many undisclosed incidents."

It's not yet clear why Walled Lake Schools were targeted.

"We have confirmed that our systems have been hacked," Gutman wrote to parents in an email Sunday evening. "Upon suspicion of this we engaged, immediately, with a team of forensic experts, a cyber counterintelligence consulting firm, and a law firm that specializes in cyber attacks."

The district isn't providing precise details on which parts of its system were compromised.

"What we have learned is that the attackers were successful in gaining access to our system and that there is the possibility that credential and other information was available to them," Gutman said. "While systems will be brought back over the course of this next week, it is not yet known when we will have access to those systems."

Other Michigan school districts have been hacked in recent years with varying degrees of harm. In May 2018 Bloomfield Hills Schools announced that "a couple" students had hacked into the district's computers to change their grades.

In late December 2019, hackers attacked Richmond Community Schools in northern Macomb County, shutting down some of its network and demanding $10,000 ransom, to be paid in bitcoin, an electronic currency that's difficult to trace.

The district refused to pay and was eventually able to regain control of its network.

©2020 the Detroit Free Press. Distributed by Tribune Content Agency, LLC.