Is your school secured against cyber threats?

By Richie Almeida, Integrated Marketing Specialist on November 3, 2022

Learn more about the importance of cyber safety, best practices and free resources to help ensure you’re not the next victim.

Schools provide the support needed to help ensure a brighter future for millions of students across the country. Unfortunately, with such a huge responsibility on your hands—and the large amount of sensitive data you may have stored—you could be a tempting target for cybercriminals who won’t think twice about holding your school ransom for a big payoff.

Think it can’t happen to your school? Think again.

Here are a few alarming statistics that you should know:

Know your terminology.

With cyberattacks becoming more frequent, proactive cybersecurity starts with education, and knowing key terminology can be an important first step to becoming more cyber-aware and secured. The International City/County Management Association (ICMA) highlights a few definitions to know—and while ICMA is an association of city and county managers specifically serving local governments, these are terms that all entities should be aware of:

  • Malware: malicious software that’s installed and can encrypt data and files, block user access, exfiltrate data, etc.
  • Ransomware: a type of malware that encrypts sensitive data and files, followed by demanding a ransom to unlock the encrypted info.
  • Phishing: a form of social engineering in which cybercriminals fish for victims by sending emails with promises, opportunities or threats to deceive victims.
  • Spear phishing: a more sophisticated, targeted form of phishing which has cybercriminals using just enough information to make the victim believe the email came from someone known to the victim or another trusted source.
  • Brute force: when an attacker uses software to continuously “bang away” in an attempt to gain access to a victim’s computer, network or IT system.
  • Zero-day: an attacker’s identification of a weakness in a network or IT system. One example includes defects in outdated software versions.
  • Denial of Service (DoS): an attack that sends massive volumes of traffic to overwhelm an organization’s website or server.
  • Distributed Denial of Service (DDoS): a type of DoS attack that uses multiple computers simultaneously to shut down a website or server to all users.

As these threats continue to impact schools across the country, let’s take a moment to look at a few real-life examples.


Baltimore County Public Schools

Baltimore County Public Schools faced a ransomware attack in November 2020. The attack happened during full-time virtual learning, and brought Maryland’s third largest school district to a halt—cancelling virtual learning for 115,000 students for several days. A day before the attack, a state audit found “significant risks” within the system’s computer network as it was not adequately secured, and personal information wasn’t properly safeguarded. A year following the initial attack, it was reported that the cost of ongoing recovery totaled nearly $9.7 million.

The impact of this attack was still being felt in 2022, too. When the hackers hit the school system, retired teachers were unable to change their medical insurance payments—even when they changed policies. This continued for more than a year following the attack and affected up to 9,000 retirees, and in some cases, retired teachers were owed thousands of dollars.

Clark County School District

In August 2020, during the first week of school, Clark County School District (CCSD)—the fifth largest school district in the country—was targeted by hackers when computer systems became infected with a virus prohibiting access to certain files. When officials refused to pay a ransom to unlock the district’s computer servers, the hackers published documents containing social security numbers, student and employee names, addresses and grades.

One month following the ransomware incident, CCSD started to receive reports of individuals getting phishing phone calls from numbers that appeared to be connected to the school district. These calls appeared to be a third-party spoofing caller ID and used robocalls to attempt to phish and demand payment—a great reminder that phishing attacks don’t always come in the form of email!

Broward Country Public School District of Florida

In March 2021, Broward County Public School District of Florida experienced a ransomware attack that had hackers demanding $40 million in ransom. After refusing to pay up, the hackers published nearly 26,000 stolen files—many of which contained accounting and financial records, and confidential employee and student information.

An investigation into the breach found that access to the school network was first gained by unauthorized individuals in November 2020, with the ransomware being deployed in March 2021. It was also revealed that the district withheld details and delayed notifying potential victims of the cyberattack—putting them in the media’s spotlight.


The road to recovery

The recovery process can vary—in some cases dragging on for months and even more than a year—and in instances where you pay hackers’ ransom demands (which is never encouraged), the time it takes to restore and upgrade equipment can still be significant. In addition to the disruption to your school day, the cost of a breach can rack up millions.

In fact, according to IBM’s annual Cost of a Data Breach Report—which studied over 550 data breaches worldwide—the average cost of a breach rose from 4.24 million in 2021 to 4.35 million in 2022 (with the average cost in the U.S. alone being $9.44 million). To calculate this number, four elements were taken into consideration: detection and escalation, notification activities, post breach response and lost business.

While these numbers are alarming enough, in some high-profile and extreme cases, they can be even higher. For example, the 2020 attack on Baltimore County Public Schools that was detailed above.

So, how can you avoid falling victim? While there’s no one-size-fits-all solution, there are various strategies you can put in place to minimize your cyber risks. Consider the following to help keep your data safe and secured.


1. Minimize vulnerabilities and the risk of operational disruptions

Following the ransomware attack on the Colonial Pipeline in May 2021, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released an announcement with recommendations to help prevent business disruption from an attack and mitigate vulnerability.

While these recommended strategies are aimed toward the critical infrastructure industry, this information is relevant to almost all business and public entities—schools included.

To reduce your risk of compromise:
  • Require multi-factor authentication for remote access to OT and IT networks
  • Enable strong spam filters to help prevent phishing emails
  • Implement a user training program and simulated attacks for spearphishing
  • Filter network traffic to help prevent access to malicious websites
  • Update software such as operating systems, application and firmware on IT network assets regularly
  • Limit access to resources over networks, especially by restricting Remote Desktop Protocol (RDP)
  • Set antivirus/antimalware programs to conduct regular scans
  • Implement unauthorized execution prevention
To minimize severe business disruption in the event of a future attack:
  • Implement and ensure network segmentation between IT and OT networks
  • Organize OT assets into logical zones
  • Identify OT and IT inter-dependencies and develop workarounds or manual controls
  • Regularly test manual controls
  • Implement regular data backup procedures on both the IT and OT networks
  • Ensure user and process accounts are limited through account use policies, user account and privileged account management
If impacted by a ransomware incident:
  • Isolate the infected system
  • Turn off other computers and devices that share a network with the infected computer(s) that have not been fully-encrypted by ransomware
  • Ensure your backup data is offline and secure

Check out the advisory to learn more about each mitigation tactic >>>

2. Learn to spot phishing emails

Did you know that more than 90% of all cyberattacks begin with phishing? Being able to identify these types of emails will be critical. Here are 4 red flags to look for:

  1. Unknown email sender
  2. Email requests personal or financial information
  3. Email wants the recipient to respond immediately or makes an urgent request for information (be on the lookout for upsetting or exciting statements asking you to act fast)
  4. Email wants the recipient to open an attachment or click a link unexpectedly (hover your mouse over the link to see what website URL appears)


3. Find additional cyber resources

Visit our cybersecurity site for even more free valuable tools and best practices to help keep your school safer online.

Just one cyber breach can have you spending millions, impact your school and its mission, and damage your reputation. Don’t wait. Now is the time to make sure you have established policies and plans in place to better protect yourself from cybercriminals.

Richie Almeida, Integrated Marketing Specialist

Richie is an avid movie goer with an addiction to Sour Patch Kids. If he isn’t at the movies, he is at the gym or on a hike trying to make up for his bad eating habits.


The information contained in this blog post is intended for educational purposes only and is not intended to replace expert advice in connection with the topics presented. Glatfelter specifically disclaims any liability for any act or omission by any person or entity in connection with the preparation, use or implementation of plans, principles, concepts or information contained in this publication.

Glatfelter does not make any representation or warranty, expressed or implied, with respect to the results obtained by the use, adherence or implementation of the material contained in this publication. The implementation of the plans, principles, concepts or materials contained in this publication is not a guarantee that you will achieve a certain desired result. It is strongly recommended that you consult with a professional advisor, architect or other expert prior to the implementation of plans, principles, concepts or materials contained in this publication.

This blog post may contain the content of third parties and links to third party websites. Third party content and websites are owned and operated by an independent party over which Glatfelter has no control. Glatfelter makes no representation, warranty, or guarantee as to the accuracy, completeness, timeliness or reliability of any third party content. References to third party services, processes, products, or other information does not constitute or imply any endorsement, sponsorship or recommendation by Glatfelter, unless expressly stated otherwise.

Related posts

How you can help protect your most important asset: your people, and how to help them set up their insurance benefits so that they reflect their wishes.

Continue Reading

Consider these best practices to avoid significant property damage, costly repairs and potential interruptions to your school day due to pipe freezing.

Continue Reading

It’s crucial to understand the fundamentals of employment practices, why they’re important and ways you use them to help protect your organization and your most important asset, your...

Continue Reading

Submit a Comment