Cyberattacks Hurt US Schools during Pandemic


    13 February 2022

    The COVID-19 pandemic has changed how American schools operate. Over the past two years, students and teachers in many places have depended on virtual learning to slow the spread of the coronavirus.

    Many schools are open again. But attacks by cyber-criminals are making it hard for schools to return to normal.

    Cyber-criminals use computer networks and software called ransomware to take control of computer systems that schools use to keep student information. The criminals say they will return control to the schools if they receive a payment.

    Art teacher Sarah Hager works at a computer in her classroom at Cleveland Middle School on Sunday, Jan. 23, 2022, in Albuquerque, N.M. (AP Photo/Cedar Attanasio)
    Art teacher Sarah Hager works at a computer in her classroom at Cleveland Middle School on Sunday, Jan. 23, 2022, in Albuquerque, N.M. (AP Photo/Cedar Attanasio)

    For teachers at a middle school in Albuquerque, New Mexico, the first sign of a widespread problem came during an early morning video meeting. Nobody could open attendance records, and everyone was locked out of class lists and test results.

    Albuquerque administrators later confirmed an outage that blocked them from the district's student database. That database includes important information other than just student names and test results. It also includes emergency contact information and the names of adults who are permitted to pick up each child.

    The database was under attack by cyber-criminals.

    "I didn't realize how important it was until I couldn't use it," teacher Sarah Hager said of the database. She teaches art at a middle school in Albuquerque.

    Schools in New Mexico, Maryland, Florida, Wisconsin, New Jersey and other states have reported problems with cyber-attacks.

    Doug Levin is director of K12 Security Information Exchange, a company that helps schools defend themselves against cyber-attacks. He said there have been over 1,200 attacks on schools since 2016. Over 200 of the attacks used ransomware to take control of school systems. Other forms of attack include people interrupting video lessons with students.

    In Baltimore, Maryland, a cyber-attack in late 2020 closed schools and made it difficult for students to continue learning from home. Recent news stories have reported that it cost nearly $10 million to improve the school system's information database and add security to defend against future attacks.

    Earlier this year in New York City, criminals attacked the computer system of an education company that makes software for schools. As a result, teachers could not use the software to record student test results.

    On January 12, cyber-criminals attacked schools in Albuquerque. Computer experts needed five days to reset the school's database.

    Scott Elder leads the Albuquerque schools. He said the unexpected move to computer-based learning two years ago created openings for the criminals to enter the school networks. He did not say whether Albuquerque paid money to the criminals to return control of the databases.

    Sarah Hager, the Albuquerque art teacher, said the attack caused numerous problems. The school's system for tracking COVID-19 infections, for example, was part of the database. Hager said it is possible some students came to school sick. The school was not able to find them and send them home.

    Last year, the U.S. Federal Bureau of Investigation, or FBI, warned schools about ransomware gangs. One is called PSYA. Another is known as Conti. Conti asked for $40 million from a large school system near Miami, Florida. The FBI said the groups are mostly Russian-speaking and based in Eastern Europe.

    Emsisoft is a company that studies cyber-attacks and sells protection software. Brett Callow, an expert with the company, said more smaller school systems started getting attacked in 2021. He said school systems in large cities have the money to spend to protect their databases. In smaller cities, that is not always the case.

    Truth or Consequences is a small city in New Mexico. About 1,300 students attend the city's schools. Its computer system was attacked in late December.

    Channell Segura leads the schools in Truth or Consequences. She called the attack "a disgusting way to get money," because it hurts children.

    The crimes are creating debates on how to stop the attacks. Some people say teachers should use paper to keep track of student information instead of databases. But many teachers say that would make their work take much longer.

    The crimes are also causing school systems and states to spend more money than usual. In New Mexico, state leaders are working to add $45 million to the budget to create a cybersecurity program by 2027.

    U.S. President Joe Biden signed the K-12 Cybersecurity Act in October. The act asked a federal agency to help schools protect themselves.

    I'm Dan Friedell.

    Dan Friedell adapted this story for Learning English based on a report by the Associated Press.

    Do schools in your country have this problem? What are they doing to prevent cyberattacks? Write to us in the Comments Section and visit 51VOA.COM.

    ________________________________________________________

    Words in This Story

    virtual adj. existing on computers or the internet

    cyber adj. relating to computers or the internet

    track v. to follow or watch something

    gang n. a group of criminals

    disgusting adj. something that is unpleasant or does not taste good