Sound journalism, grounded in facts and Biblical truth | Donate

Locked out of class

Cyberattacks paralyze schools during online learning

A Los Angeles Unified School District teacher leads an online class for a remote student at the Boys & Girls Club of Hollywood, Calif. Associated Press/Photo by Jae C. Hong (file)

Locked out of class

The state of Maryland on Nov. 24 blasted Baltimore public schools’ computer network for not guarding personal information, saying “significant risks” threatened its security. The next day, a cyberattack froze the schools’ website and email and grading system, halting classes for 115,000 students until Dec. 2.

Old networks, weak security, and troves of personal information make schools a tempting target for hackers. Online learning during the pandemic has only made school districts more vulnerable.

Microsoft estimates that 63 percent of 10 million malware encounters it monitored in the past 30 days occurred on devices used for education. Pew Trusts reported that between July and September, at least 16 districts across the country delayed classes, lost data, or were forced to repair thousands of school-issued laptops due to cyberattacks.

Sometimes hackers have no clear motivation: “Zoombombers” drop into online classes and distract or harass students. Attackers sent more than 8 million racist emails to students in one Florida county.

But often, hackers want money.

In a ransomware attack, computer criminals encrypt a target’s data to make it unreadable and then demand payment in exchange for a decryption key. Sometimes they extract sensitive information and threaten to leak it online if their demands aren’t met. In September, hackers posted grades and Social Security numbers from students in Las Vegas, The Wall Street Journal reported.

To avoid this, some schools hand over the money against the advice of the FBI, which argues giving in only encourages future attacks. Cybersecurity firm Coveware reported average ransom payments across all industries climbed to $111,605 in early 2020, up 33 percent from late 2019. The Journal found school districts and colleges paid at least $12 million in ransoms to hackers over the last year. Once paid, 97 percent of hackers provide the promised decryption key, according to Coveware.

Sometimes districts find a way out. In Athens, Texas, a school board authorized a $50,000 ransom payment before the school discovered an unencrypted backup of its data that allowed it to reset the compromised devices and regain control. The district posted an update to its Facebook page: “Athens ISD has a message for its cyberattackers: Nope.”

Esther Eaton

Esther is an education reporter for WORLD. She is a World Journalism Institute and Liberty University graduate and enjoys bringing her parakeets on reporting trips.



Please wait while we load the latest comments...


Please register or subscribe to comment on this article.

Clark W. Griswold III

How awful! 

Ann Marshall

The school system in Huntsville, AL ("Rocket City USA") is also shut down because of a ransomware attack. Though the ransom won't be paid, it's going to be expensive to recover.