As students returned to school across the country over the past two weeks, school districts are facing an unprecedented wave of ransomware attacks. In the past month, dozens of districts nationwide have been affected by ransomware attacks, in some cases taking entire school systems’ networks down in the process.
All classes were cancelled September 5 at Flagstaff Unified School District schools in Arizona after the discovery of a ransomware attack against the district’s servers on Wednesday, September 4. All Internet services were taken down by the school district’s information technology team at about 3pm local time on Wednesday, when the ransomware was discovered during what district officials said was routine maintenance.
“We have had to break the connection from the Internet to our school sites while we work with Internet security experts to contain and mitigate the issue,” FUSD spokesman Zachery Fountain said in a statement to press. No further details on the ransomware were released, and district officials are not sure whether any personal identifying information has been exposed.
More than 70 state and local government agencies have been hit with ransomware so far this year. This steady drumbeat of ransomware attacks against state and local government agencies, including school districts, has not gone unnoticed by citizens. People are increasingly concerned about the damage being done by ransomware. In a recent survey of 2,200 citizens conducted by Morning Consult on behalf of IBM Security, 75% of those surveyed across the United States acknowledged that they are worried about ransomware attacks on cities. And 60% said that cities should not pay the ransom for attacks when they fall victim; instead, they’d prefer focusing such spending on recovery costs.
But when it came to paying for improved local cybersecurity to prevent attacks, citizens largely passed the buck: 90% of citizens surveyed said that funding should come from the US Federal government rather than from local tax dollars. And over 75% believed the US government should reimburse local governments for costs incurred as the result of a ransomware attack.
Currently, the US government has taken mostly an advisory role in dealing with state and local cybersecurity, and some states have been openly hostile to efforts by the Department of Homeland Security to provide security assessments in the past. The Cybersecurity and Infrastructure Security Agency (CISA) at DHS provides regional experts to assist states on a number of information security fronts, but it currently lacks the manpower and budget to provide significant assistance in helping secure local government networks.