School District Employees Fall Under Attack #ITCouldBeWorse 

PK Tech Blog Image (29)

It’s easy to miss the cybersecurity threats and attacks happening almost everywhere. At PK Tech, our goal is to educate and offer proactive steps for cybersecurity safety. It’s important to be aware – without being afraid – of the cybersecurity threats that are real threats for your business. PK Tech aims to be a leading educator and support tool in the world of cybersecurity. 

This month we’re highlighting the Concord School District in New Hampshire. What happened, what was the fallout, and why should you care? 

We’re covering it all here. Let’s dive in.

What the “Hack” Happened?

In 2016, the Concord School District experienced a crushing cybersecurity attack affecting all district employees (reference). The cybercriminals infiltrated W-2 wage and tax forms for district employees. Forms included sensitive information such as Social Security numbers, names, and addresses. 

With the information, the infiltrators checked employee accounts and initiated credit monitoring. 

While mainly targeting employees, the attack divulged sensitive information of some students in the system, such as summer custodial staff and student refugees.

The Fallout

Like that of a for-profit organization, the fallout of the Concord School District attack meant massive downtime and costly resources to regain a sense of normalcy. In the unfortunate event of an attack on a school, it meant  children were missing out on valuable time and resources to learn. After this devastating attack, the district was shut down for a period of two to four weeks, depending on the department.

In many such cases, the infiltrators not only steal the information but use it maliciously. This can include taking out fraudulent loans with student social security information, which gravely affects credit scores when students become adults.

In fact, the fallout was not just limited to the Concord School District. Over the span of six years, from 2016 to 2022, 1,619 schools reported security breaches across the United States. In many cases, attacks stole personal information and even took it a step further, demanding ransom for the release of information. Also, investigations have involved federal-level law enforcement in many cases and are still ongoing. 

Lessons Learned #ITCouldHaveBeenWorse

Educators, state officials, and federal law enforcement can all agree on one thing: K-12 schools are a major target for ransomware attacks. 

This truth has prompted proactive gatherings of state officials, private sector security experts, and former school administrators, all joining together to take more proactive measures to reduce repeated attacks on the same industry. Together, they are working to increase financial and technical support for schools to reduce future attacks.

In addition, the U.S. Cybersecurity and Infrastructure Security Agency is working with many school districts, beginning with those on the East Coast, to guide cybersecurity advice and best practices to enhance IT security.

As with ransomware on business organizations, attacks on school districts will continue without pointed and proactive measures to reduce their vulnerability as prime targets. What does this look like? 

It will be different for every school, but the general framework should include: 

  • Advancing security measures for employees and students on staff
  • Utilizing multi-factor authentication for employee accounts, specifically those for tax or payroll information (or other sensitive information that could be a likely target)
  • Encouraging student, parent, and employee vigilance–including reviewing account statements, explanation of benefits, and monitoring free credit reports for suspicious activity.  

Without proactive measures, attacks are likely to get worse and more frequent. With the adoption of proactive cybersecurity measures and experienced IT teams, the hope is that school districts, if attacked, will have minimal negative fallout. 

In which case, we’d be the first to say, “we told you so,” and of course–#ITCouldBeWorse.