US schools struggle to counter growing ransomware risks
Experts urge stronger cybersecurity and warn against paying ransoms after school cyberattacks.
K-12 schools across the United States are facing a surge in cyberattacks, driven by rising digitisation, vast troves of personal data, and underdeveloped cybersecurity defences.
Between July 2023 and December 2024, 82% of US schools experienced at least one cyber incident, according to a March report from the Center for Internet Security.
Attackers are drawn to schools’ access to sensitive records and often find outdated systems and under-resourced IT teams unable to prevent or respond effectively. In a major case earlier this year, a 19-year-old admitted to hacking PowerSchool, a widely used student information system, and extorting $2.85 million.
The breach compromised personal data of over 60 million students and 10 million teachers. More than 100 school districts are now suing PowerSchool over the attack.
Schools targeted in the incident also received threats demanding payment—a growing trend linked to ransomware actors seeking maximum leverage. Tracking school cyberattacks remains difficult. Many cases are never publicly confirmed, either by victims or by the attackers themselves.
Comparitech defines a ransomware attack as confirmed only when the victim publicly acknowledges it or when the disclosure aligns with a group’s claims.
As schools face ongoing digital threats, security experts are urging stronger protections, including mandatory multifactor authentication and comprehensive cybersecurity insurance policies.
When breaches occur, institutions are advised to act quickly—determining whether outside support is needed, contacting law enforcement, and informing federal cyber units.
The FBI warns against paying ransoms, noting that payment neither guarantees data recovery nor prevents future attacks, while potentially incentivising further criminal activity.
The Department of Homeland Security’s Computer Emergency Readiness Team remains a key federal partner for schools responding to cyber threats or breaches. Without substantial improvement in digital defences, public schools will remain a vulnerable and lucrative target for malicious actors seeking easy rewards.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!