White House holds first summit on ransomware crisis hitting public schools

The White House held its first summit on the ransomware attacks that plague US schools, which has been putting privacy and data security of students and staff at risk. Experts warned that there are currently only limited federal resources available to ill-equipped schools to combat cyber attack.

 Flag, Landmark, The White House, Animal, Bird

The White House held its first summit on the ransomware attacks that plague US schools on 8 August, with cybercriminals releasing private student information on the internet, which includes not only medical records but also reports of incidents like sexual abuse. Experts praised the Biden administration for raising awareness. Still, they warned that there are currently only limited federal resources available to combat a scourge that cash-strapped school districts are ill-equipped to effectively defend against.

Evidence shows that nearly one in three US districts was breached in 2021, and at least 48 districts have been hit by ransomware attacks this year. More than 1.2 million students were affected in 2020. Typically, groups that speak Russian and operate from overseas steal the data, occasionally including personal information like social security numbers and financial particulars of district personnel. Following this, they deploy malware that encrypts the network and threatens to release the data on the internet unless a ransom is paid in cryptocurrency.

The list of actions revealed during the summit stated that the Cybersecurity and Infrastructure Security Agency will enhance specialised security evaluations for K-12 educational institutions. Technology companies such as Amazon Web Services, Google, and Cloudflare also provide grants and various forms of assistance.

Why does it matter?

The lasting legacy of a ransomware attack on a school is more than the closure of the school, the millions of dollars in recovery costs. It is the trauma staff, students, and parents suffer when their private information is exposed online. Adequate cybersecurity spending is the key to potential improvement. The survey found that only 16% of districts have full-time staff dedicated to securing networks, down from 21% last year. Only 24% of districts spend more than a tenth of their IT budget on defending against cybersecurity, while nearly half spend 2% or less.