23 July, 2019
Cyber attackers are increasingly targeting school systems around the United States. The effects of such attacks worsen as more American schools use technology for teaching.
A recent example comes from Connecticut. Cyber attacks cut internet connection to the Avon Public School system several times a day over a six week period.
The attackers did not capture sensitive information from the school system. But the damage was still costly. Classroom teaching plans that required the internet were halted.
Robert Vojtek is the school system's technology director. He sought help from the Federal Bureau of Investigation, or FBI.
"The first time I called the FBI, their first question was, ‘Well, what did it cost you?'" he said. Vojtek explained that teaching and learning stopped for some 4,000 students. He asked, "How do you put a price tag on that?"
The FBI says schools are targeted because they hold sensitive data and provide important public services.
It said in a written statement that the attackers are criminals seeking profit, young people playing jokes and possibly even foreign governments.
Attacks against schools have become common, the FBI said, but it is impossible to know how often they happen because many are never reported.
Schools with few or no information security employees are often surprised to find themselves as targets.
Coventry local school system in Ohio has about 2,000 students. In May, it had to close schools as it worked - with FBI support - to fight a virus that had infected its computer system.
The school system did not have cyber security insurance, said its technology director, Kelly Kendrick. Her three-person department is still working to repair devices affected by the attack.
FBI officials told the school system that the attackers apparently did not get sensitive information. But Kendrick said it was clear they were after data of some kind.
"Why this little school in Akron, Ohio? Why was it a target?" Kendrick said. "It has really opened my eyes to how data of any kind is marketable, sellable."
In September, the FBI issued a public service announcement. The announcement warned against the widespread collection of student identification data and other information, including educational progress reports and classroom activities. Such data could affect privacy and safety if compromised, the FBI said.
Stolen data could lead to tracking, identity theft and other threats, it said.
Punishment for cyber attacks can be severe.
In March, Olukayode Lawal, a Nigerian man living in Smyrna, Georgia, was sentenced to 10 months in prison. He was also ordered to leave the country. Lawal was found guilty of involvement in a plan to steal money using tax information of Connecticut school employees.
In North Dakota, a third of schools were hit with a malware attack last year. The attack was traced to North Korea, although it is unclear if it began there.
Sean Wiese is North Dakota's chief information security officer.
He said school cyber systems "may be considered easy targets because they're a little bit more open" than traditional business culture.
"I do feel that is changing, just not quickly enough," Wiese added.
I'm John Russell.
Michael Melia reported on this story for the Associated Press. John Russell adapted the story for Learning English.Caty Weaver was the editor.
_____________________________________________________________
Words in This Story
cyber – adj. related to computers or computer networks
insurance – n. an agreement in which a person makes regular payments to a company and the company promises to pay money if the person is injured or dies, or to pay money equal to the value of something (such as a house or car) if it is damaged, lost, or stolen
malware – n. short for "malicious software" ; malware causes damage to a computer or computer network
We want to hear from you. Write to us in the Comments Section.