Last year, reports revealed that education is now the most-targeted industry for cyberattacks. That threat continues today, and now cybercriminals are targeting our students. According to K12 leaders, they simply need more help.
The Consortium for School Networking (CoSN) recently filed a letter containing public comments advocating for the modernization of E-rate funding, a program that discounts telecommunications and information services for schools and libraries, to bolster schools’ IT infrastructures to mitigate cyber threats. Their letter comes in response to the Wireline Competition Bureau’s request for public comment regarding the use of these funds to address cyber crimes. According to a news release, school districts are desperate for state-of-the-art firewall tools and a “minimally burdensome” application process for accessing E-rate IT security funding.
“Cyberattacks on school disrupt learning, compromise sensitive student and teacher data, and waste millions of limited public resources,” said CoSN CEO Keith Krueger in a statement. “Modernizing E-rate to support modern firewalls will help schools—especially schools located in our highest-poverty communities—protect themselves. Firewalls are not the entire solution, but they are one key piece of the cybersecurity puzzle.”
At the moment, only “basic” firewall functions are supported by the program, according to THE Journal. More advanced options, like intrusion prevention and DNS filtering, are not available through these funds.
In a separate letter to the Federal Communications Commission, the Michigan Educational Technology Leaders said that expanding access to E-rate funding can help schools to bolster one of the single-most necessary components to not only crime prevention, but student learning: broadband internet.
“Since its inception, the E-rate program funded equitable access to broadband service in support of educational entities and the wider communities they serve,” the letter reads “Access to stable and secure broadband connection is essential to educators and students alike. The rise of cyberattacks has resulted in a great deal of loss. Students have lost instructional time due to crashed school networks; students, staff and patrons have had important personal data stolen and posted to the dark web; and millions of dollars have been paid to bad actors in efforts to recover lost data. Broadband Internet service is a necessity for the daily operation of schools and libraries in support of students and their communities.”
The National School Boards Association also filed comments in collaboration with 10 other organizations to allow schools and libraries to use these funds to address cybersecurity. According to their submission, policymakers are on the wrong side of the digital divide.
“Congress established the E-rate a quarter century ago because leaders recognized that without expanded universal service investments the emerging digital economy would leave many schools and libraries behind,” they wrote. “Today, the same community anchor institutions that Congress helped in 1996 are once again on the wrong side of a national digital divide. This time, community anchors— namely, our schools and libraries—are falling into a cybersecurity gap that threatens students’ and library patrons’ private data and prevents them from fully realizing the learning, workforce and other benefits that broadband connectivity conveys.”
These changes will only be adopted if the FCC believes the comments point to a critical need to modernize E-rate. Recent cyberattacks, however, speak for themselves. Last week, the Los Angeles Unified School District admitted that “approximately 2,000 student assessment records” were leaked on the dark web as a result of a chilling cyberattack that occurred in the fall of 2022. Also last week, student data from the Long Beach Unified School District was compromised and posted online by a hacker, according to officials.
“Our school district recently learned about an incident in which an individual gained access to a list containing student identification numbers, names and their corresponding LBUSD-provided email addresses,” according to an email from the district retrieved by the Press-Telegram. “Please know that LBUSD’s network remains secure.”
Amid persistent and malicious cyber crimes targeting students and schools, here are three ways districts can mitigate the risk:
- Don’t rely simply on safeguarding inboxes, user training and content filters.
- Begin using anti-phishing protection that utilizes AI computer vision to better detect malicious phishing attempts.
- Require everyone to use multifactor authentication, including students.
More from DA: 3 ways to help protect your students from malicious phishing attacks